2 Q's

Gabriel Philippe gabri.philippe at gmail.com
Wed Aug 17 17:36:36 CEST 2016


On Wed, Aug 17, 2016 at 3:21 PM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> You're assuming people refresh their keyrings.  Although that's a
> recommended practice, it appears to be the opinion of the minority.

I am used to being a minority. :)


> My
> certificate 0x23806BE5D6B98E10 has been revoked for seven months now,
> and yet people continue to use it instead of 0x1DCBDC01B44427C7.  If
> they had refreshed their keyrings even once in that time period, they
> would no longer be able to encrypt to 0x23806BE5D6B98E10.

Set an expiration date to your key one year from now. Every 6 months,
postpone this expiration date to 6 more months. It's too late for
these people, but in the future and same conditions, others won't have
a false security feeling when writing to you: if they keep using the
wrong tkey, they will get a warning.

-- 
Gabriel



More information about the Gnupg-users mailing list