On 05/06/2011 03:47 AM, Doug Barton wrote:
> There's also another element, the expiration date is irrelevant if the
> key is actually compromised. If Eve has your secret key she can simply
> update or remove the expiration date, and upload the new version of the
> public key to the public keyservers. So, I remain confused as to what
> purpose expiration dates on the keys will serve.
This is a critical observation.
Expiration dates are safeguards against a key becoming inaccessible to
the legitimate keyholder -- not against compromise.
There are other safeguards against keys becoming inaccessible, including
a safely-stored revocation certificate.
Expiration dates have the advantage over revocation certificates that
you do not need to keep track of anything or maintain safe and secure
long-term storage.
A safely-stored revocation certificate *also* protects against key
compromise, though, so you really ought to have one anyway. Consider
the expiration date as a safeguard against simultaneous loss (not
compromise) of the key and loss of the revocation certificate.
--dkg
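The two points above walked through on a throwaway keyring, added here as an example that is not part of the thread: whoever holds the secret key can rewrite or drop the expiration date in one command, while a revocation certificate kept outside the key still revokes it after the secret key is gone. It assumes GnuPG 2.2 or later on PATH; the user id is a constructed one.

```shell
#!/bin/sh
# Added example, not part of the thread. Walks through dkg's two points on a
# throwaway keyring: whoever holds the secret key can rewrite or drop the
# expiration date, while a revocation certificate kept outside the key still
# revokes it after the secret key is gone. Assumes GnuPG 2.2+ on PATH; the
# user id below is constructed.
set -eu

GNUPGHOME=$(mktemp -d)
export GNUPGHOME

# Validity of the primary key from machine-readable output:
# 'u' own (ultimately trusted) key, 'e' expired, 'r' revoked.
key_validity() {
    gpg --batch --with-colons --list-keys "$1" | awk -F: '$1 == "pub" { print $2; exit }'
}

# Expiration time of the primary key as a Unix timestamp, empty if it never expires.
key_expiry() {
    gpg --batch --with-colons --list-keys "$1" | awk -F: '$1 == "pub" { print $7; exit }'
}

# 1. Create a key that expires in one day, unattended and without a passphrase.
gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
    --quick-generate-key 'Example <example@example.invalid>' default default 1d
FPR=$(gpg --batch --with-colons --list-secret-keys | awk -F: '$1 == "fpr" { print $10; exit }')
EXPIRY_AT_CREATION=$(key_expiry "$FPR")

# 2. Put the revocation certificate GnuPG wrote at key creation into "safe
#    storage". GnuPG disarms the file with a ':' before the BEGIN line; strip it.
sed 's/^:-----BEGIN/-----BEGIN/' "$GNUPGHOME/openpgp-revocs.d/$FPR.rev" > "$GNUPGHOME/safe-revoke.asc"

# 3. Doug's point: with the secret key, the expiration date is rewritten in one
#    command (0 = never expires), ready to be pushed to a keyserver.
gpg --batch --quiet --pinentry-mode loopback --passphrase '' --quick-set-expire "$FPR" 0
EXPIRY_AFTER_RESET=$(key_expiry "$FPR")

# 4. dkg's point: the key becomes inaccessible (secret key lost), yet the stored
#    certificate still marks the public key revoked for everyone who imports it.
gpg --batch --yes --delete-secret-keys "$FPR"
gpg --batch --quiet --import "$GNUPGHOME/safe-revoke.asc"
VALIDITY_AFTER_REVOKE=$(key_validity "$FPR")

echo "expiry at creation: $EXPIRY_AT_CREATION"
echo "expiry after reset: '$EXPIRY_AFTER_RESET'"
echo "validity after revocation import: $VALIDITY_AFTER_REVOKE"
```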
