[19674] in cryptography@c2.net mail archive

Re: long-term GPG signing key

daemon@ATHENA.MIT.EDU (Ben Laurie)
Thu Jan 19 12:21:25 2006

X-Original-To: cryptography@metzdowd.com
Date: Thu, 19 Jan 2006 11:21:31 +0000
From: Ben Laurie <ben@algroup.co.uk>
To: "Travis H." <solinym@gmail.com>
Cc: "Perry E. Metzger" <perry@piermont.com>,
	Ian G <iang@systemics.com>, cryptography@metzdowd.com
In-Reply-To: <d4f1333a0601112248u31623f05j70cd25fd8b66b2df@mail.gmail.com>

Travis H. wrote:
> I must admit, I just had a "duh" moment.
> 
> Why the heck am I expiring encryption keys each year?  Anyone who
> records the email can crack it even if the key is invalid by then. 
> All it really does is crudely limit the quantity of data sent under
> that key, which is little to none anyway.

So that you can't be legally required to produce the private key (which
you destroyed, right?).

Perhaps this is time to remind people of "Security Against Compelled
Disclosure": http://www.apache-ssl.org/disclosure.pdf.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List