I have been working on a process to encrypt data files and send it to other organizations for processing. As part of this process, we decided to set our key to expire every year. Last year we did not act before the key expired and that same day added an additional subkey that would expire in September, 2006. We are now trying to be pro-active and work to "renew" the key and distribute it before it expires.
I have two questions regarding how to "renew" this key. 1) Is the correct way to renew the key to add another subkey that expires in September, 2007, or is there a better way? 2) If we do add another subkey that expires in September, 2007, how well will the two subkeys work together? It's going to be difficult to get everyone to convert to the updated key in the same day, so we won't be able to revoke the subkey at the same time we generate the new one. Another way to say this, we may be encrypting a file with the subkey added, while one or more organization may be using the old key (without the new subkey) and one or more organizations may be using the new key (with the new subkey). Will this work correctly?? Are there any other concerns that are being overlooked? Thanks Scott Seidl Electronic Communication Services [EMAIL PROTECTED] Tel) 920-592-2163 This document, and any attachments therein, contains proprietary and confidential information that may not be disclosed without the prior written permission of Schneider National, Inc. and its subsidiaries. Unauthorized use or misuse of this information and its contents is strictly prohibited. Schneider National, Inc. vigorously protects its rights. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
