Re: Expired GPG keys of older release

To: debian-user@lists.debian.org
Subject: Re: Expired GPG keys of older release
From: Ben Finney <bignose@debian.org>
Date: Fri, 22 Jun 2018 09:09:13 +1000
Message-id: <[🔎] 85d0wjenza.fsf@benfinney.id.au>
References: <[🔎] ddca0514-7d2b-2a77-4246-e0c4525125cb@hitec.lu> <[🔎] d4a78af5-0a2b-46db-d4f3-8d97194f6392@hitec.lu> <[🔎] 85h8lweuzu.fsf@benfinney.id.au> <[🔎] 201806210747.53132.rhkramer@gmail.com>

rhkramer@gmail.com writes:

> On Wednesday, June 20, 2018 10:25:25 PM Ben Finney wrote:
> > In other words: Yes, it's inconvenient, but it's because *no one can
> > know* with confidence any more whether that key has been compromised.
>
> Well, I should study up more on keys and expiration, but isn't the
> situation much the same before the key expires? I mean, the issuer /
> owner of the key really doesn't know whether the key has been
> compromised?

The difference is in the degree of confidence that can be expected. When
the key was created, the key's creator thereby expressed the upper bound
of duration for that confidence remaining acceptably high.

-- 
 \      “Say what you will about the Ten Commandments, you must always |
  `\         come back to the pleasant fact that there are only ten of |
_o__)                                         them.” —Henry L. Mencken |
Ben Finney

Reply to:

References:
- Expired GPG keys of older release
  - From: Adam Cecile <adam.cecile@hitec.lu>
- Re: Expired GPG keys of older release
  - From: Adam Cecile <adam.cecile@hitec.lu>
- Re: Expired GPG keys of older release
  - From: Ben Finney <bignose@debian.org>
- Re: Expired GPG keys of older release
  - From: rhkramer@gmail.com

Prev by Date: Re: USB Host-Host cables
Next by Date: Question to rsync
Previous by thread: Re: Expired GPG keys of older release
Next by thread: Re: Expired GPG keys of older release
Index(es):
- Date
- Thread