Best practice for periodic key change?
kgo at grant-olson.net
Fri May 6 22:54:28 CEST 2011
On 5/6/11 4:48 PM, Jerome Baum wrote:
> On Fri, May 6, 2011 at 22:37, Doug Barton <dougb at dougbarton.us
> <mailto:dougb at dougbarton.us>> wrote:
> I don't understand this response. What I'm saying is that if the key
> is compromised, expiration dates become irrelevant.
> Up to a point. If my key expired yesterday, no-one can forge a message
> with that key and claim it's from today.
> Just being nit-picky... :)
Doug is saying that if the key's been compromised, and not lost, Eve can
create a new expiration date and push that to the keyservers.
"I am gravely disappointed. Again you have made me unleash my dogs of war."
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 570 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users