On 09/19/2018 10:33 PM, Bill Ricker wrote: > QuBits aren't QUITE on the Moore's Law 18-month doubling cycle yet; my > back-of-the-envelope shows going from 7 QuBits to 72 QuBits in 16 years is > doubling in 28 months. Which is kinda close to Moore's law for RAM (24 > months)... > How soon the engineering will allow a growth spurt is unclear. > > So setting my ED25519 key expiration at 10 years was just about right, :-) > that's just exactly when it should be doable commercially :-). > A little shorter would have been more conservative!
Hmm. My understanding of key-expiries has been more that they're useful as a sort of dead-man switch (since you can always publish *changes* to the expiration-dates as long as you have still are capable of accessing and making use of the private key, and haven't published a revocation); to help balance concerns about things like long-term management of secrecy (however low your likelihood of compromise is over the course of a year, if it's non-zero then it compounds over multiple years/decades--and larger probabilities compound more quickly; this is he concern that Schneier quoted from Filippo Valsorda a couple years ago, form example <https://www.schneier.com/blog/archives/2016/12/giving_up_on_pg.html>); or what what happens to your key's validity after it becomes inaccessible to/by you (for example if you become incapacitated or die unexpectedly...); or, more generally, to establish key-migration timeframes. To *those ends*, a 10-year expiry period is kind of crazy-sounding--especially if you take a position like "my modern smartphone is the most easily-compromised keystore, because someone could easily mug me for or I could fumble it into someplace where I can't retrieve it before someone else has the opportunity; and my password probably won't guard it for *that* long..., so maybe I should be giving the smartphone short-lived subkeys on the order of 1 month or even less". -- Connect with me on the GNU social network: <https://status.hackerposse.com/rozzin> Not on the network? Ask me for an invitation to a social hub! _______________________________________________ gnhlug-discuss mailing list [email protected] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
