On Wed, 2013-06-12 at 03:10 +0200, Carlos Alberto Lopez Perez wrote:

> Which package contains such oui file? Is there any package shipping
> generic oui files to be shared or is every package shipping just his own
> oui file?

None yet, all packages that need it ship a copy of it, possibly in a
different form. See these bugs for the current status (not good):


> I have AES encrypted revocation certificates already generated that I
> store in different places. In case I lost my private key I can just
> revoke it.

A revocation certificate isn't enough; there are plenty of situations
where you want the key to become invalid and you won't be able to access
those revocation certificates; most of them involve accidental death or
permanent loss of mental faculties.

> I find the usage of an expiration date a bit annoying, because if
> someone don't updates regularly his keyring he can have my key expired
> even if I renewed it, and he could run into trouble to encrypt the mail
> to me. Not everyone is tech savvy. This already has happened with some
> friends.

Not regularly updating your keyring is a security issue because you will
miss key revocations. Having a key expiry is a good way to find people
who are vulnerable to this issue and inform them that they need to
change their practices. With parcimonie and tor installed, they
basically don't need to think about it any more. The OpenPGP best
practices document covers this and several other things:




Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to