Best practice for periodic key change?

Jerome Baum jerome at
Sat May 7 01:01:30 CEST 2011

On Sat, May 7, 2011 at 00:40, MFPA <expires2011 at> wrote:

On Friday 6 May 2011 at 10:18:29 PM, in
> <mid:BANLkTin2w8LJxYGHV3_5NpFbsiBhrP96XA at>, Jerome Baum
> wrote:
> >>> If my key expired yesterday, no-one can
> >>> forge a message with that key and claim it's from
> >>> today.
> Suppose your master key is secure and offline but Mallory has control
> of your subkey that expired yesterday. Mallory can put their system
> clock back 24hrs to sign and send a message, and then truthfully claim
> the message was signed today. They can back up this claim with email
> headers and server logs demonstrating the clock discrepancy.
> Maybe implausible but definitely trivial.

Okay, let me rephrase that. "claim it's from today" should have been "have
the signature date as today". That's how I would interpret such a claim.
Email headers don't really make a difference -- they would have signed it
yesterday and sent it today, but the message is still from yesterday.

Jerome Baum

tel +49-1578-8434336
email jerome at
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110507/7bb7e441/attachment-0001.htm>

More information about the Gnupg-users mailing list