Validity period of GPG-keys
Denis McCauley
DenisMcCauley@ifrance.com
Tue May 27 19:34:20 2003
On Tue, 27 May 2003 10:17:21 +0200
Jan Dirnberger <jpd@space.net> wrote:
>
> I'm working on a school project, including Public Key Infrastrucure (PKI).
> We are instructed to get out how long the validity period of a GPG-key
> should be set in a company or other organisations the info-material we collect
> is for in.
>
> First I wanted to advise a unrestricted validity, but then I remembered that
> organisations or enterprises might have often changing memebers. So I'm caught
> between the devil and the deep blue sea what to advise...
>
With GPG you can extend the expiry date of a key (although PGP
apparently does not recognise an extended expiry date).
Otherwise, you could revoke the keys of members who leave an
organisation, either by creating revocation certificates when keys are
created or by adding a designated revoker.
Hope that helps.
--
=====================================
Denis McCauley
GPG/PGP keys at http://www.djmccauley.tk
=====================================
_____________________________________________________________________
Envie de discuter en "live" avec vos amis ? Télécharger MSN Messenger
http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de France