Henrique de Moraes Holschuh <[email protected]> writes:

> One thing we have not talked about, is that of subkey validity. It is
> not that kosher to have anything signed in stable with a subkey which
> will not be valid for the lifetime of stable, so we should keep that in
> mind.

I currently use a one year expiration time on the signing subkey and then extend it every six months (and do something similar with the encryption subkey and the main key, except use two years). The idea is that if something particularly serious happens to me such that I can't make use of my revocation certificate, the exposure time for the key is at least partly limited. I think that's still consistent with using that key to sign source packages in stable; either it will be extended, or something really bad happened and even stable users should probably know that.

Back before I knew what I was doing with PGP, I created a key without a pre-generated revocation certificate and then ended up, over the years, forgetting the passphrase (I was sure I knew what it was, but it doesn't work). That key, 0x56E8F739, is still floating around out there and I can't make it go away, whereas if I'd set an expiration date on it from the start and extended it periodically, it would have expired now and it would be clear that it's no longer my key.

-- 
Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/>
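A check for the subkey-lifetime concern discussed above, added here as an example and not part of the thread: it parses constructed `gpg --with-colons --list-keys` output (hypothetical key ids and dates) and reports whether each signing-capable key or subkey stays valid through a given support deadline, and whether it has entered the six-month extension window described in the reply.

```python
"""Check GnuPG signing (sub)key expiry against a support window such as the
expected lifetime of a stable release, and flag keys due for extension."""
from datetime import datetime, timedelta, timezone

# Constructed sample of `gpg --with-colons --list-keys` output; the key ids,
# uid and dates are hypothetical.  Relevant fields (1-based, as in gpg's
# DETAILS file): 1 type, 2 validity, 5 keyid, 6 created, 7 expires,
# 12 capabilities (lowercase = this key, uppercase = whole certificate).
SAMPLE_LISTING = """\
tru::1:1700000000:0:3:1:5
pub:u:4096:1:0123456789ABCDEF:1640995200:1767225600::u:::scESC::::::::::0:
uid:u::::1640995200::0000000000000000::Example Developer <dev@example.org>::::::::::0:
sub:u:4096:1:FEDCBA9876543210:1640995200:1735689600:::::s::::::23:
sub:u:4096:1:0011223344556677:1640995200:1798761600:::::e::::::23:
"""


def _utc(date_str):
    """Parse a YYYY-MM-DD string as midnight UTC."""
    return datetime.strptime(date_str, "%Y-%m-%d").replace(tzinfo=timezone.utc)


def parse_keys(listing):
    """Return one dict per pub/sub record; expires is a datetime or None (no expiry)."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] not in ("pub", "sub"):
            continue
        expires = datetime.fromtimestamp(int(f[6]), tz=timezone.utc) if f[6] else None
        keys.append({"type": f[0], "keyid": f[4], "validity": f[1],
                     "caps": f[11], "expires": expires})
    return keys


def valid_through(key, deadline_str):
    """True if the key is neither revoked nor expired and remains valid at the deadline."""
    if key["validity"] in ("r", "e"):  # r = revoked, e = expired
        return False
    return key["expires"] is None or key["expires"] >= _utc(deadline_str)


def signing_keys_ok(listing, deadline_str):
    """Map each signing-capable key id ('s' in its own capabilities) to its verdict."""
    return {k["keyid"]: valid_through(k, deadline_str)
            for k in parse_keys(listing) if "s" in k["caps"]}


def extension_due(key, now_str, renew_within_days=183):
    """Per the reply's cadence, an expiring key is extended once within ~six months of expiry."""
    if key["expires"] is None:
        return False
    return key["expires"] - _utc(now_str) <= timedelta(days=renew_within_days)
```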

