Best practice for periodic key change?
MFPA
expires2011 at ymail.com
Sat May 7 21:43:38 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Saturday 7 May 2011 at 3:06:16 PM, in
<mid:201105071606.21732.mailinglisten at hauke-laging.de>, Hauke Laging
wrote:
> Am Samstag, 7. Mai 2011, 15:54:21 schrieb MFPA:
>> You can't assume.
> You can very well if you don't claim that for all cases but use this
> assumption for distinguishung between a useful and a useless use if
> expiration dates. AFAIR noone here on the list has claimed that it
> makes sense (with respect to security) to use key expiration dates
> without offline mainkeys. That is an important point in the
> discussion.
At what point does it become safe to assume that an individual with
expiry dates on their subkeys keeps their master key securely offline?
- --
Best regards
MFPA mailto:expires2011 at ymail.com
Raining cats and dogs is better than hailing taxis.
-----BEGIN PGP SIGNATURE-----
iQE7BAEBCgClBQJNxaDynhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pdSUD/jTu
kidc9dx/CxOkkkt9vmi2NEkctq66dBkVPFbeWPHOVwQNafWNh+tnG9t2JTdgfDJZ
LP6TXw0tE8dJsNIXaZO4RfvQbtaYNqFVIVxd+jUoihAsROV+DYbAjrMv89lW2j9K
mJS4835oQludvIqrXQ6Yaw5voqhWYvWnTGcDs8Qh
=9FId
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list