GnuPG Manual and Digital Signatures

[Todd A. Jacobs]

On Wed, 26 Sep 2001, David Shaw wrote:

> So, you can expire the master key (which in effect expires the whole
> shebang), but there is a cost.  There is effectively no cost in
> expiring subkeys, whether they are encryption or signing subkeys.

That makes sense, and I agree with it. But the manual presents it as
somehow having a longer cryptographically-secure useful lifetime. If
there's no evidence that the signing key is somehow less vulnerable to
attack, I just think the manual ought to be clearer about the useful
lifetime of the master signing key.

-- 
Work: It's not just a job, it's an indenture.