Renewing expiring key - done correctly?

Johannes Zarl johannes at
Wed Dec 4 00:00:21 CET 2013

On Tuesday 03 December 2013 23:44:20 Hauke Laging wrote:
> Expiration serves two purposes:
> 1) Passively revoke a key if you have lost access to the secret mainkey
> (i.e. to the key itself or to its passphrase).
> 2) Force your communication partners (people are lazy) to update your
> certificate from time to time (requires some understanding on their side).
> The length of the validity period is a compromise between higher "security"
> and less inconvenience (your own, too).

Sorry for asking a possibly stupid question, but how exactly does a shorter 
validity period get you more security?


More information about the Gnupg-users mailing list