GnuPG Manual and Digital Signatures
Wed Sep 26 17:24:01 2001
Content-Type: text/plain; charset=us-ascii
On Mon, Sep 24, 2001 at 01:41:43AM -0700, Todd A. Jacobs wrote:
> >From the manual:
> Typically, a digital signature has a long lifetime, e.g., forever,
> and you also do not want to lose the signatures on your key that you
> worked hard to collect. On the other hand, the encryption subkey may
> be changed periodically for extra security, since if an encryption
> key is broken, the attacker can read all documents encrypted to that
> key both in the future and from the past.
> >From this, and other sections of the text, it appears to be saying that
> there is no security implication in someone cracking the master key
> because it is only used to sign, and not to encrypt.
> To my way of thinking, though, the fact that someone might be able to
> forge my signature is at least as big a problem as allowing them to
> intercept messages with a compromised subkey.
> Have I misunderstood the manual on this point? Am I wrong in thinking that
> a signing key which never expires represents a danger?
I view it as matter of tradeoffs. It's easy to make new encryption
and signing subkeys and expire the old ones however often you feel it
The master signing key, though, is a special case - it is the key that
collects signatures that ties you to the web of trust. If you expire
that, you lose all of the key signatures that you presumably worked
hard to get.
So, you can expire the master key (which in effect expires the whole
shebang), but there is a cost. There is effectively no cost in
expiring subkeys, whether they are encryption or signing subkeys.
David Shaw | email@example.com | WWW http://www.jabberwocky.com/
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----