Best practice for periodic key change?
expires2011 at ymail.com
Sat May 7 00:40:25 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
On Friday 6 May 2011 at 10:18:29 PM, in
<mid:BANLkTin2w8LJxYGHV3_5NpFbsiBhrP96XA at mail.gmail.com>, Jerome Baum
>>> If my key expired yesterday, no-one can
>>> forge a message with that key and claim it's from
>> Never heard of a system clock that was wrong?
> I'll give a summary reply here for everyone stating
> it's still possible to make that signature. It's
> possible if the master key is compromised. I was
> assuming a sub-key with an expiration date.
It is trivial to make that signature without compromising the master
Suppose your master key is secure and offline but Mallory has control
of your subkey that expired yesterday. Mallory can put their system
clock back 24hrs to sign and send a message, and then truthfully claim
the message was signed today. They can back up this claim with email
headers and server logs demonstrating the clock discrepancy.
Maybe implausible but definitely trivial.
MFPA mailto:expires2011 at ymail.com
Ultimate consistency lies in being consistently inconsistent
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users