Keyserver access changes in GnuPG
Wiktor Kwapisiewicz
wiktor at metacode.biz
Wed Dec 12 22:43:49 CET 2018
On 12.12.2018 22:35, Andrew Luke Nesbit wrote:
> My subkeys expired on Monday, 10/12/2018. I've updated my subkeys with
> a new expiration date (in one year). I'm considering NOT uploading the
> new public keys to the keyservers. Rather, I will distribute them using
> other channels, such as downloading from my personal website or sneakernet.
>
> Should I issue and publish a revocation certificate? Will this cause
> problems considering that I'm still using the same master key?
I don't think revocation is necessary if the private subkeys are still safe.
It may be just inconvenient for people that want to contact you / verify your
signatures to see your subkeys expired and when they "gpg --refresh-keys" (as
they always do) your key would still be expired with no apparent way of
proceeding. If I saw something like that I'd think the key is abandoned.
If you had HTTPS on your site I'd recommend Web Key Directory as this downloads
keys from your site *and* refreshes expired keys from your site too automatically.
Kind regards,
Wiktor
--
https://metacode.biz/@wiktor
More information about the Gnupg-users
mailing list