Renewing expiring key - done correctly?

Robert J. Hansen rjh at
Thu Dec 5 04:04:44 CET 2013

On 12/4/2013 6:13 PM, Leo Gaspard wrote:
> So you could only delay the expiration date by 15 min... So useful ?

Sure.  I can think of three ways to leverage a 15-minute maximum shift
into dialing the clock back to whenever I want.  I'm sure if I were to
spend more time thinking I could find more ways.  Spend some time
considering the problem: it's a fun thought experiment and will help
sharpen your skill at thinking like an attacker.

NTP is not, and was never meant to be, secure against a malicious
adversary.  It's resistant against random failures, but an attacker is
going to induce conditions that are very far from random.

More information about the Gnupg-users mailing list