GnuPG Manual and Digital Signatures

David Shaw
Wed Sep 26 17:24:01 2001

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Sep 24, 2001 at 01:41:43AM -0700, Todd A. Jacobs wrote:

> >From the manual:
> Typically, a digital signature has a long lifetime, e.g., forever,
> and you also do not want to lose the signatures on your key that you
> worked hard to collect. On the other hand, the encryption subkey may
> be changed periodically for extra security, since if an encryption
> key is broken, the attacker can read all documents encrypted to that
> key both in the future and from the past.
> >From this, and other sections of the text, it appears to be saying that
> there is no security implication in someone cracking the master key
> because it is only used to sign, and not to encrypt.
> To my way of thinking, though, the fact that someone might be able to
> forge my signature is at least as big a problem as allowing them to
> intercept messages with a compromised subkey.
> Have I misunderstood the manual on this point? Am I wrong in thinking that
> a signing key which never expires represents a danger?
I view it as matter of tradeoffs. It's easy to make new encryption and signing subkeys and expire the old ones however often you feel it is necessary. The master signing key, though, is a special case - it is the key that collects signatures that ties you to the web of trust. If you expire that, you lose all of the key signatures that you presumably worked hard to get. So, you can expire the master key (which in effect expires the whole shebang), but there is a cost. There is effectively no cost in expiring subkeys, whether they are encryption or signing subkeys. David --=20 David Shaw | | WWW +--------------------------------------------------------------------------= -+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson --LQksG6bCIzRHxTLp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see iQEVAwUBO7HygIccwqs8s7QVAQG6wAf/Xsv540c8zsSxKEmog0ITWuDnOQ4lGse8 fsTLZfrFYodbyA8k7CsuTaLK06DcjGwfbFvx+NIwbV9JAZNvkNV4H/jBkCtmtECb t/burehs9G5D+CY4lmpgyAhKiELQV8pr2CIfkSyULPdwR/t4F097lZbz1oebzppz XCgRJ58YG41C/nwOHu9eehB4Qy9mbfAdskNTK+rWJVfP+sN5+4WKUkXFq3/s13YB g/TTMv/pEjvcbWX9VcFs1aWpJSpBJHQDG8YLPCtwqXaPvTT7mI1sGX1uWKnTSsDs KeR+NbXGGpom8nX3mTiPEj/rgL2CtvtINWE3jOuJmhla7jf8O/8KXg== =72Hn -----END PGP SIGNATURE----- --LQksG6bCIzRHxTLp--