Best practice for periodic key change?
jerome at jeromebaum.com
Sat May 7 22:52:51 CEST 2011
On Sat, May 7, 2011 at 21:43, MFPA <expires2011 at ymail.com> wrote:
> On Saturday 7 May 2011 at 3:06:16 PM, in
> <mid:201105071606.21732.mailinglisten at hauke-laging.de>, Hauke Laging
> > Am Samstag, 7. Mai 2011, 15:54:21 schrieb MFPA:
> >> You can't assume.
> > You can very well if you don't claim that for all cases but use this
> > assumption for distinguishung between a useful and a useless use if
> > expiration dates. AFAIR noone here on the list has claimed that it
> > makes sense (with respect to security) to use key expiration dates
> > without offline mainkeys. That is an important point in the
> > discussion.
> At what point does it become safe to assume that an individual with
> expiry dates on their subkeys keeps their master key securely offline?
I don't think you get what kind of assumption we are talking about. There
are two kinds:
1. I assume something is generally true, e.g.: I assume the world is around.
2. I assume something is true within this scope, so I don't have to restate
the precondition with every statement I make, e.g.: "assuming y < z, and z <
x, we can follow that y < x". It isn't really an argument to say "you can't
assume y < z, so the point is invalid".
email jerome at jeromebaum.com
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users