Best practice for periodic key change?

John Clizbe John at
Thu May 5 18:52:18 CEST 2011

Hauke Laging wrote:
> BTW: Would it be a good idea for gpg to suggest the user to check for an 
> updated version of the key (or do it automatically before if configured to do 
> so) if it find an expired subkey? This would probably not work with the GUIs 
> though (but might make the GUI developers offer a similar feature).

Hi, Hauke.

What you are suggesting sounds quite doable.

It sounds like a slight variation of the auto-key-retrieve keyserver-option. An
expired (sub)key could trigger the same code to refresh the key, maybe calling
the option auto-refresh-expired or something similar.


John P. Clizbe                      Inet:   John (a) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://  or
     mailto:pgp-public-keys at

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 886 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110505/98ebf7b4/attachment.pgp>

More information about the Gnupg-users mailing list