expiring gpg keys

Ingo Klöcker kloecker at kde.org
Sun Jan 25 11:50:11 CET 2009

On Sunday 25 January 2009, Faramir wrote:
> David Shaw escribió:
> > On Jan 24, 2009, at 4:46 PM, Faramir wrote:
> >> David Newman escribió:
> >>> Michael Lucas' gpg/pgp book recommends setting a relatively short
> >>> expiration time, such as a year, for personal keys.
> >>
> >>  Well... I am not sure if that is a good idea... since if your key
> ...
> > You don't have to do this if you don't want to.   If you set an
> > expiration date and the key expires, you can always change the
> > expiration date to a further date in the future (i.e. 'un-expiring'
> > your key).
>   Now I think about it, what is the point about expiring the main
> key? Protecting against losing the secret key and being unable to
> revoke it?

Yes, I'd say this is the main reason behind Michael Lucas's 
recommendation. Does Michael Lucas also recommend creating a revocation 
certificate and storing it at a safe place (best printed on paper)?

> In the case of subkeys, if they are compromised, the 
> attacker still can't change their expiration date (since the main key
> remains secure), but in the case of the main key... if it is
> compromised, the attacker can do anything he/she wants... except
> un-revoking the copy from keyservers.

Exactly. Therefore you should always have a revocation certificate (or 
even multiple revocation certificates with different reasons for 
revocation) at hand.

Moreover, I'd say one should explicitely revoke expired keys one does 
not intend to re-use/un-expire, so that they can never be un-expired by 
someone else.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090125/e32c45df/attachment.pgp>

More information about the Gnupg-users mailing list