expire function

Michael Kirchner michael at hirnreck.de
Mon Dec 20 13:43:42 CET 2004


Hi all,

I am using GPG with Thunderbird and Enigmail to sign and encrypt mostly
private communication. Up to now I used the "expires" date to make sure
that my key will only be valid for about a year and so something like a
date is attached to my signatures. After about a year I then generated a
new key (eventually upgraded the size of the key), signed the new key
with the old one and uploaded it.

While at the time of starting with this method, some years back,
everything seemed reasonable I lately come to think about it again, as I
did never see anyone else do so (with the exception of the German CERT).

Perhaps you might enlighten me: is there an special security problem
connected to a yearly expire and reissuing of my keys?




Regards,
-- 
                          Michael Thomas Kirchner




More information about the Gnupg-users mailing list