[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: New key = New package?

On Fri, Aug 18, 2000 at 04:36:26PM +0200, Stefan Alfredsson wrote:
> IIRC what happens is that a special signature is added to 
> your key which informs of the new expiredate,
> and since this packet is signed by you its effectively as
> if you'd choosen another expireday to begin with.

If that really works, expiry is useless.  The whole point of expiring
keys is to reduce the risk of them being compromised during their lifetime
(by shortening the lifetime).

If anyone who has the key can extend its expiry time, then what is the
point?  You might as well not expire it in the first place.

Richard Braakman

Reply to: