Re: bits from the release team
Florian Weimer <firstname.lastname@example.org> writes:
> * Goswin von Brederlow:
>> Doesn't work if the key is ever compromised and a new one has to be
>> created out of schedule. Or when you spend your x-mas holidays away
>> from your system and couldn't upgrade before New Year's Eve.
> Exactly, and this begs the question why we rotate keys at all.
A key might be compromised without our knowledge. With the yearly
rotation a stolen key will only be useful for a limited time. Without
rotation an attacker could gain the key and then wait for an
opportune moment to use it.
But that is not relevant to the problem. Experience shows that keys do
get compromised and need changing. So, rotation or no rotation, the key
change has to be handled anyway. Rotation just adds it at specific
intervals on top of random events.