Key lifetime

[Florian Weimer]

"L. Sassaman" <rabbi@quickie.net> writes:

> > > The longer the lifetime of a key, the more likely the key is to be
> > > compromised. If you chose to retire a key, be sure to link your new key
> > > with the old by signing it with the old before the old key expires.
> > 
> > Does this mean an expired key can still be used for computing trust?
> 
> Yes. Read RFC 2440 if you're really interested.

Do you have a quote?  I'm quite sure this issue is *not* covered by
RFC 2440.

-- 
Florian Weimer 	                  Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898
http://ca.uni-stuttgart.de:11371/pks/lookup?op=get&search=0xC06EC3B5