signing key lifetime

Edward Khoo
Wed Sep 26 11:02:01 2001

Encryption is trying to keep a series of 0s and 1s "secret" between the 
originator and the intended receipient(s).

A signing key is to authenticate the correct message. While the 
encryption key is to obfuscate the 0s and 1s such that no one else can 
access the correct representation of 0s and 1s (to form coherent 
message). Encryption key is petty much open to attacks from a third 
party (attacker) that wants to know the correct representaiton of 0s and 
1s. With Moore's law on the attacker's side, attacker is able to brute 
force search the possible combination better/faster, thus reducing the 
effectiveness of a encryption key.

How did my $0.02 go, folks? :-)

Todd A. Jacobs wrote:

>No one has answered this question yet, so I'm going to ask it again in a
>slightly different way. What is the basis for the GnuPG manual's claim
>that the effective lifetime of a signing key is infinite, while the
>effective lifetime of an encryption key is limited?