Best practice for periodic key change?

[MFPA]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Saturday 7 May 2011 at 9:56:14 PM, in
<mid:201105072256.15008 at thufir.ingo-kloecker.de>, Ingo Klöcker wrote:


> It depends on your definition of "valid". In my book a
> signature can  only be valid if the corresponding key
> is valid. Expired keys are not  valid (anymore).

I thought a key was incapable of making signatures with timestamps
beyond its expiry time but could still be used to verify signatures
that already existed.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

A wise man once said ..."I don't know."
-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxbcJnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pPPgD/0Gw
4SINz9JbMTzdQdTe3KL5KkaoyK15RziImH0U3mvfYFRsfjm4+F+u8LwaiKHMZQmk
1tbJPy284qBHMMapxVh6uQToVRHZhmjwlO70SAKKcF42cDWiNwW6cLzm+0a9xB1Y
dqHxXECsPuJi7Ay52e5cvCMV7hL8xiqjKdrTKoLe
=UTKJ
-----END PGP SIGNATURE-----