Key lifetime
L. Sassaman
rabbi@quickie.net
Thu, 8 Jun 2000 13:06:58 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The longer the lifetime of a key, the more likely the key is to be
compromised. If you chose to retire a key, be sure to link your new key
with the old by signing it with the old before the old key expires.
Note that you can make use of the fact that multiple subkeys are permitted
in OpenPGP to address this issue partially: you expire your encryption
keys, but keep your signing key the same.
- --Len.
On Thu, 8 Jun 2000, Stefan H. Holek wrote:
> I understand it is advisable to put an expiration date
> on one's key. On the other hand my "web-of-trust" is lost
> when the key expires, and I have to start from zero...
>
> Any expert advice on key lifetime appreciated.
>
> Thx,
> Stefan
>
> --
> Stefan H. Holek, stefan@epy.co.at
>
__
L. Sassaman
System Administrator | "It's a nice day
Technology Consultant | to start again."
icq.. 10735603 |
pgp.. finger://ns.quickie.net/rabbi | --Billy Idol
-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.
iD8DBQE5P/zpPYrxsgmsCmoRAkb1AJsElusxJ+ZZ4GCdKPovtYpq6J6GVgCgozj2
jFao9iYr+dI05Gb8PRjTxnc=
=/NpN
-----END PGP SIGNATURE-----