[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: APT public key updates?



Nick Phillips <nwp@nz.lemon-computing.com> wrote:
> If the 2006 key takes (say) 15 months to compromise, then it is fine
> to use it to sign and verify the new key on 1/1/2007, so long as you
> perform that verification before March...

Or be able to proof the date of signing.

> IOW using the old key to sign the new key only requires that the old
> key be "good" at one point during the new year, whereas continuing to
> use the old key requires that it be "good" all year.

Yes, but it breaks a long term usage like web of trust.

Gruss
Bernd



Reply to: