Tracy R Reed wrote:
> On Thu, Feb 03, 2005 at 09:47:05AM -0800, John H. Robinson, IV spake thusly:
> > I personally believe that having long-lived gpg keys is a bad thing
>
> Why? Do you believe in destroying your key and starting over every now
> and then or do you just prefer to have an expiration date set such that
> you have to manually take action every few years to renew it?
Destroy it. The trick is to get past key signators to sign the new key, and sign the keys of those you have already signed. This way you do not rip a gaping hole in the web of trust when the old key expires.

If you can guarantee that no one has ever had access to your private key ever under any circumstance, feel free to leave the expiration set to never.

As computing power increases, the old cryptography gets weaker. At one point, the passphrase is no longer the weak link in the chain. You should have a new key before that time arrives. Five years is probably a bit conservative, but that is over three doublings of computing power from the time of its creation. More correctly, computing power has increased 10-fold since the time of its creation.

2**(5*12/18) = 10.08

Wait ten years, and you have 100 times the computing power from when your key was made.

2**(10*12/18) = 101.59

Are you certain you want that kind of power pointed at your secret key?

-john

--
KPLUG-List mailing list
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
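The transition John describes (old key certifies the new one, new key re-certifies the keys the old one had signed), as an added example that is not part of the thread. It uses GnuPG 2.1+ in a throwaway GNUPGHOME; the user IDs, the 5-year lifetime and the single "friend" key are constructed for the demo.

```shell
#!/bin/sh
# Added example: rotate to a new OpenPGP key without tearing a hole in the
# web of trust. Everything runs in a temporary keyring; nothing touches ~/.gnupg.
set -e
export GNUPGHOME="$(mktemp -d)"
chmod 700 "$GNUPGHOME"
trap 'gpgconf --kill gpg-agent 2>/dev/null || true; rm -rf "$GNUPGHOME"' EXIT
# Empty passphrases keep the demo non-interactive (never do this for a real key).
GPG="gpg --batch --yes --pinentry-mode loopback --passphrase="

# Print the primary fingerprint of the key matching user ID $1.
fpr_of() {
  gpg --batch --with-colons --list-keys "$1" | awk -F: '$1=="fpr"{print $10; exit}'
}

# Count certifications on key $1 made by signer $2 (signer given as a fingerprint;
# the colon-format "sig" record carries the 16-hex-digit key ID in field 5).
sigs_by() {
  gpg --batch --with-colons --list-sigs "$1" \
    | awk -F: -v s="$2" 'BEGIN{s=substr(s,length(s)-15)} $1=="sig" && $5==s{n++} END{print n+0}'
}

# 1. The existing (old) key, plus a friend's key the old key already certified.
$GPG --quick-generate-key 'Old Key <old@example.test>' default default never
$GPG --quick-generate-key 'Friend <friend@example.test>' default default never
OLD=$(fpr_of old@example.test); FRIEND=$(fpr_of friend@example.test)
$GPG -u "$OLD" --quick-sign-key "$FRIEND"

# 2. The replacement key, this time with a finite lifetime (5 years here).
$GPG --quick-generate-key 'New Key <new@example.test>' default default 5y
NEW=$(fpr_of new@example.test)

# 3. The old key certifies the new one, so anyone who trusted the old key can
#    follow the chain to the new one ...
$GPG -u "$OLD" --quick-sign-key "$NEW"
# ... and the new key re-certifies what the old key had signed, so the people
#    the old key vouched for stay reachable once it is retired.
$GPG -u "$NEW" --quick-sign-key "$FRIEND"

echo "old->new: $(sigs_by "$NEW" "$OLD")  new->friend: $(sigs_by "$FRIEND" "$NEW")"
```

In real use the old key's public block with the new certification (and the re-signed friends' keys) would then be exported and pushed to a keyserver or handed to the signers before the old key expires.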
