Best practice for periodic key change?

Doug Barton dougb at
Fri May 6 22:56:07 CEST 2011

On 05/06/2011 13:48, Jerome Baum wrote:
> On Fri, May 6, 2011 at 22:37, Doug Barton <dougb at
> <mailto:dougb at>> wrote:
>     I don't understand this response. What I'm saying is that if the key
>     is compromised, expiration dates become irrelevant.
> Up to a point. If my key expired yesterday, no-one can forge a message
> with that key and claim it's from today.

That's absolutely not true. New signatures can be created with expired 
keys, and as Werner pointed out new signatures can be created with keys 
that have had their expiration dates updated, and although a percentage 
of users may inquire about it, it's usually the "know just enough to be 
dangerous" contingent (I.e., those smart enough to know that the key is 
expired on their key ring, but not smart enough to refresh it). There 
may be a tiny percentage of users who are smart enough to do both, who 
would then realize that the signature is invalid. However given that the 
scenario you described (forgery, vs. key compromise) is so 
overwhelmingly unlikely to happen (at least in any kind of meaningful 
way) I'm not sure it's worth considering.


	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)

More information about the Gnupg-users mailing list