On Saturday 23 December 2006 20:11, Robert J. Hansen wrote: > Mike Frysinger wrote: > > and what would you suggest ? create brand new key sets when the > > previous one expires ? i thought one of the points of subkeys is to > > minimize this sort of management > > The best way to minimize management is to reduce the amount of stuff > that needs to be managed. > > There almost certainly exist specialized applications where key expiry > makes a lot of sense. But in general, I think most people who set their > keys to expire do so without really thinking about what clear benefits > it gives them, or what specific problem of theirs it will solve. > > If you can point to a specific requirement or need of the Gentoo > community which key expiry will help address, then by all means, go for > it. Otherwise, simplify your management by removing expiries.
ok, but i think this is a different aspect than what we're talking about here ... sep keys means different uid's whereas a subkey is bound to the same uid ... people sign my uid and i have signing subkeys versus people sign my uid, i create a new key/uid and sign that with my own key subkeys can have expiration limits placed on them as well, so i dont see how your thoughts here are specific to saying "subkeys are the wrong way of doing things" ... what'd i miss ? -mike
pgpRywwXm9fLJ.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
