signing keys with expiration

Atom 'Smasher' atom at
Wed May 19 08:52:26 CEST 2004

Hash: SHA1

when signing a key with an expiration date, a user is asked:
	Do you want your signature to expire at the same time? (Y/n)

why is the default "yes"?

i use an expiration on my keys as a sort of self-revocation... should the
keys become neglected or abandoned, or if i lose the secret key, the keys
will revoke themselves. if nothing bad happens to me or my secret keys, i
plan to update the expiration on the keys indefinitely.

my concern is that a user who signs my keys might just go with the
default, which could cause me to have a bunch of expired signatures on my

of course it may be desirable, in some circumstances, to expire a
certification signature at the same time as the key expires, but i think
the default should be set to "no".


 PGP key -
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808

	"I disapprove of what you say, but I will defend
	 to the death your right to say it."
		-- widely attributed to Voltaire, but written by
		Evelyn Beatrice Hall under the pseudonym
		S[tephen] G. Tallentyre.
		The Friends of Voltaire, 1906
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish?  -


More information about the Gnupg-devel mailing list