Best practice for periodic key change?

Jerome Baum jerome at
Sat May 7 23:22:33 CEST 2011

2011/5/7 MFPA <expires2011 at>

> On Saturday 7 May 2011 at 9:56:14 PM, in
> <mid:201105072256.15008 at>, Ingo Klöcker wrote:
> > It depends on your definition of "valid". In my book a
> > signature can only be valid if the corresponding key
> > is valid. Expired keys are not valid (anymore).
> I thought a key was incapable of making signatures with timestamps
> beyond its expiry time but could still be used to verify signatures
> that already existed.

Definitely. I get his point about rejecting them entirely though, as it is
(and that's what this discussion is all about) difficult to verify the
(actual) signature time.

Jerome Baum

tel +49-1578-8434336
email jerome at
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA