signing key lifetime
Wed Sep 26 11:02:01 2001
Encryption is trying to keep a series of 0s and 1s "secret" between the
originator and the intended receipient(s).
A signing key is to authenticate the correct message. While the
encryption key is to obfuscate the 0s and 1s such that no one else can
access the correct representation of 0s and 1s (to form coherent
message). Encryption key is petty much open to attacks from a third
party (attacker) that wants to know the correct representaiton of 0s and
1s. With Moore's law on the attacker's side, attacker is able to brute
force search the possible combination better/faster, thus reducing the
effectiveness of a encryption key.
How did my $0.02 go, folks? :-)
Todd A. Jacobs wrote:
>No one has answered this question yet, so I'm going to ask it again in a
>slightly different way. What is the basis for the GnuPG manual's claim
>that the effective lifetime of a signing key is infinite, while the
>effective lifetime of an encryption key is limited?