What to do when subkey expires?
Grant Olson
kgo at grant-olson.net
Tue Apr 6 03:38:45 CEST 2010
On 04/05/2010 08:20 PM, Brian Mearns wrote:
> Sorry for such a simple question, but I can't find a simple answer. My
> signing and encryption subkeys have expired, so do I just create new
> subkeys, and upload to the SKS servers? Do I have to delete the
> subkeys, or revoke them?
>
> Thanks,
> -Brian
>
You could create new subkeys and upload them and just let the old ones
expire.
If you feel the keys are still safe and uncompromised, you could also
just change the expiration date and upload the latest version of the
keys to the servers.
You probably don't want or need to revoke them.
You really don't want to delete them if you want to read your previously
encrypted data. Also, deleting them will mean they're still out there
on the keyservers. You'll just get them back if/when you run an update
from the keyservers, as will anyone who has your key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100405/134eee2c/attachment.pgp>
More information about the Gnupg-users
mailing list