On Tue, Jul 03, 2001 at 08:57:08PM +0200, Martin F. Krafft wrote: > also sprach Taral (on Tue, 03 Jul 2001 01:41:44PM -0500): [snip] > > No. Changing the expiration date invalidates the signatures. > > does it? [snip] > Command> check <sorry Richard> > uid Martin F. Krafft <madduck@madduck.net> > sig! 330C4A75 2001-06-20 [self-signature] > sig! 888354F7 2001-07-02 Richard Atterer <email@is.hidden> No problem, my key is on the key servers anyway! :-) > but maybe someone can tell me what the subkey (D99FEE8D) is? that's > for encryption, right? that's not signed by anyone anyway, is it? > cause i don't seem to be capable of changing the expiration date on > that one. You can, you only need to know how to select it; with "key 1". ;-) > and besides, i noticed a lot of the keys on debian users are with > expiration dates. that's a good thing (tm). but judging from the > wast amounts of signatures some people have collected, i doubt that > process takes place every year, again and again... IMHO, expiring encryption keys are a Good Thing. Expiring signature keys are not. Of course, someone could conceivably, /theoretically/ set up a number cruncher to crack your key with that c00l discrete logarithm algorithm they knocked up the other day, and succeed after 3 years -- but the web of trust destroyed by the expiration of your key is a much worse situation, and could allow much more real-life attacks. Hm, now that I try to think this through in detail, it doesn't make sense... why do you have a separate encryption ElGamal key, anyway? Cheers, Richard -- __ _ |_) /| Richard Atterer | CS student at the Technische | GnuPG key: | \/¯| http://atterer.net | Universität München, Germany | 0x888354F7 ¯ ´` ¯
Attachment:
pgpAU_v6uL8JZ.pgp
Description: PGP signature