Why expire?

Ben Finney ben@benfinney.id.au
Tue Jul 29 06:43:02 2003


On 28-Jul-2003, J Irving wrote:
> Why expire keypairs?  They can, after all, be revoked.

Not if you lose (or lose access to) the secret key.  Giving them an
expiry date guards against unrevocable keys (or subkeys) hanging around
forever.

> One reason I immediately come up with is that the longer they exist,
> the more likely they are to be compromised.

That's another good reason; having the expiry date is a good reminder of
this fact.

-- 
 \       "When I was little, my grandfather used to make me stand in a |
  `\   closet for five minutes without moving. He said it was elevator |
_o__)                                     practice."  -- Steven Wright |
Ben Finney <ben@benfinney.id.au>
