My key expired, do I need to revoke

David Shaw
Sat Aug 3 17:16:07 2002

On Sat, Aug 03, 2002 at 12:11:48PM +0100, Sean Rima wrote:
> My GPG key expired during July (I was on holiday then hospital). I am
> going to generate a new secret pair but was wondering if I should send
> an revoke to the pgp key servers.

The OpenPGP standard allows you to extend the expiration date of your
key.  If you like, you could just change the expiration date.

If you want to generate a new keypair anyway, then it is not strictly
necessary in this case, but good practice to revoke the old one as it
makes it significantly harder for an attacker to get ahold of your old
secret key and extend the expiration date against your will.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson