Why expire?

J Irving j@erf.sh
Tue Jul 29 05:46:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                                        2003.07.28 @ 20:44 PDT
heya

This is a question aimed at researching opinion - it does *not*
imply that I think key expiration is a bad idea.  I'm relatively
neutral, tending to the conservative.

Why expire keypairs?  They can, afterall, be revoked.

One reason I immediately come up with is that the longer they
exist, the more likely they are to be compromised.  Are there
other reasons?

Your thoughts appreciated.

cheers
J
- -- 
I must review my disbelief in angels.
-----BEGIN PGP SIGNATURE-----

iD8DBQE/Je5GUMt2z+iZNdMRAhQMAJ9yXdMXk+tLGQYeRyh/S0WCvyLx8QCeI0B5
rc+Wbkl+ZOa2fR0YnhZnaC8=
=EKRE
-----END PGP SIGNATURE-----