Renewing expiring key - done correctly?

Ingo Klöcker kloecker at
Thu Dec 5 19:30:07 CET 2013

On Tuesday 03 December 2013 19:03:13 Robert J. Hansen wrote:
> On 12/3/2013 6:20 PM, Hauke Laging wrote:
> > Imagine a certificate which is always prolonged for just one day. If
> > this gets compromised then it will not be prolonged any more (at
> > least not by its owner but we all love our highly secure offline
> > mainkeys, don't we?) so everyone will notice that within hours.
> 1.  The attacker can just extend the validity himself.  He's
>     successfully compromised the key, after all.
> 2.  As a consequence of #1, no one will notice.

In your quotation you've snipped away too much of Hauke's message. Hauke 
gave two scenarios. In the second scenario

> > b) the key has been compromised and cannot be revoked (because the
> > owner has lost access to the secret mainkey and has neither a
> > revocation certificate nor a (usable) designated revoker)

your assertion is correct.

In the first scenario

> > a) the key has been compromised and revoked and you don't know that
> > (because your last certificate update was before the revocation
> > publishing)

it is incorrect because the attacker cannot extend the validity of the 
revoked key.
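To make the two scenarios concrete, here is a small Python model added for illustration; it is not part of Ingo's, Hauke's or Robert's messages and not GnuPG code. It assumes invented `Keyserver` and `Client` objects and day numbers in place of timestamps, and models three OpenPGP rules: a client takes the key's expiry from the newest self-signature it knows, a revocation it knows overrides everything, and a client only knows what it fetched at its last refresh.

```python
"""Toy model of OpenPGP key expiry versus revocation (constructed example).

Rules modelled:
  * the key's expiry is taken from the newest self-signature a client knows;
  * a revocation signature, once known to a client, overrides everything;
  * a client only knows what it fetched at its last keyserver refresh.
Day numbers stand in for timestamps; all objects are invented for this model.
"""
from dataclasses import dataclass, field
from typing import List, Union


@dataclass(frozen=True)
class SelfSig:
    created: int   # day the self-signature was issued
    expires: int   # last day on which the key is valid according to this sig


@dataclass(frozen=True)
class Revocation:
    created: int   # day the owner published the revocation


Packet = Union[SelfSig, Revocation]


@dataclass
class Keyserver:
    packets: List[Packet] = field(default_factory=list)

    def publish(self, packet: Packet) -> None:
        self.packets.append(packet)


@dataclass
class Client:
    known: List[Packet] = field(default_factory=list)

    def refresh(self, server: Keyserver) -> None:
        # Comparable to "gpg --refresh-keys": merge everything the server has.
        self.known = list(server.packets)

    def status(self, day: int) -> str:
        if any(isinstance(p, Revocation) for p in self.known):
            return "revoked"
        latest_expiry = max(p.expires for p in self.known if isinstance(p, SelfSig))
        return "expired" if day > latest_expiry else "valid"


def _fresh_key(validity_days: int):
    """Owner publishes a key valid for validity_days; client fetches it on day 1."""
    server = Keyserver()
    server.publish(SelfSig(created=0, expires=validity_days))
    client = Client()
    client.refresh(server)
    return server, client


def scenario_a(validity_days: int):
    """Key compromised and revoked; the client has not refreshed since."""
    server, client = _fresh_key(validity_days)
    server.publish(Revocation(created=2))                          # day 2: owner revokes
    server.publish(SelfSig(created=2, expires=2 + validity_days))  # later self-sig cannot undo it
    before = client.status(day=3)   # what a stale client believes
    client.refresh(server)
    after = client.status(day=3)    # what it learns once it refreshes
    return before, after


def scenario_b(validity_days: int):
    """Key compromised and the owner cannot revoke; whoever holds the key re-signs."""
    server, client = _fresh_key(validity_days)
    server.publish(SelfSig(created=2, expires=2 + validity_days))  # day 2: validity extended
    before = client.status(day=3)
    client.refresh(server)
    after = client.status(day=3)
    return before, after


if __name__ == "__main__":
    for days in (1, 365):
        print(f"validity {days:>3}d  a) {scenario_a(days)}  b) {scenario_b(days)}")
```

With a one-day validity, the stale client in scenario a treats the key as expired on day 3 and a refresh turns that into "revoked"; with a one-year validity the same client keeps treating the compromised key as valid until it happens to refresh. In scenario b the short expiry buys nothing, because the key holder simply publishes a new self-signature and a refresh reports "valid" again.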
