Changing expiration time of subkeys

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jan 6 07:17:08 CET 2010


On 01/06/2010 12:59 AM, taurus wrote:
> I succeed to change the expiration date of the subkeys when I use the
> 'key 1' and 'key 2' command. Before I was using only 1,..2,...

great!

> On 6 January 2010, at 05:34, Daniel Kahn Gillmor wrote:
>> is there a reason that you need to keep any particular subkey in use?
> 
> This key I use in private and mostly with family.

I think the argument goes like this: do you have a way of getting
updates about your key to your family?

If you do, then you should be able to get them updates about new
subkeys.  So you don't need to update the expiration date of the old
subkeys.

If you don't have a way to get updates about your key to your family,
then updating the expiration dates of the old subkeys is irrelevant,
because they'll never get the updated expiration dates anyway, so they
won't know about them.

Anyway, it's up to you, of course, but i don't think the key being
private or certain other people using it are terribly strong arguments
for keeping a particular subkey instead of just creating a new one
(though i do think that stronger arguments exist for doing this in some
circumstances).

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100106/d858d19a/attachment.pgp>


More information about the Gnupg-users mailing list