[ale] PGP Subkey Expiration
Jason Fritcher
jkf at wolfnet.org
Sun Feb 1 20:44:24 EST 2009
On Feb 1, 2009, at 7:09 PM, Andrew Grieser wrote:
> I have a pgp/gpg subkey that is about to expire (the encryption
> subkey is expiring, not the master signing key), and was wondering
> which action to take:
>
> 1) Extend expiration date
> 2) Let encryption subkey expire and generate a new encryption subkey
> 3) Let encryption subkey expire AND revoke it, and generate a new
> encryption subkey
>
> Just wondering what normal practice was on this. The reason I
> initially put an expiration date on the subkey was in case I ever
> lost the keys and/or paranoia.
The last time I maintained a key with expiration dates, I let the
original subkey expire and generated a new one. IMO, there is no need
to revoke the previous key.
--
Jason Fritcher
jkf at wolfnet.org
More information about the Ale
mailing list