long-term GPG signing key
Ben Laurie
ben at algroup.co.uk
Thu Jan 19 06:21:31 EST 2006
Travis H. wrote:
> I must admit, I just had a "duh" moment.
>
> Why the heck am I expiring encryption keys each year? Anyone who
> records the email can crack it even if the key is invalid by then.
> All it really does is crudely limit the quantity of data sent under
> that key, which is little to none anyway.
So that you can't be legally required to produce the private key (which
you destroyed, right?).
Perhaps this is time to remind people of "Security Against Compelled
Disclosure": http://www.apache-ssl.org/disclosure.pdf.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list