http://blogs.gnome.org/johannes/2007/10/16/fingerprint/ Blog of Johannes Schmid Sun, 05 Feb 2012 00:22:37 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://blogs.gnome.org/johannes/2007/10/16/fingerprint/comment-page-1/#comment-359 Robert McQueen Wed, 17 Oct 2007 22:24:35 +0000 http://blogs.gnome.org/johannes/2007/10/16/fingerprint/#comment-359 You don't need to issue a new key; that way you lose all of your signatures. You can just change the expiry date by editing the key (which places a new self-signature on the key). Keyservers and gpg can't rely on the time being valid in any meaningful cryptographic sense so they don't do anything magic to disable a key when it's "expired", it's just a date they check against the current date when the key is used. Also, anyone who is actually concerned about sending you encrypted mail or verifying your signature shouldn't trust your blog to know what your key is... You don’t need to issue a new key; that way you lose all of your signatures. You can just change the expiry date by editing the key (which places a new self-signature on the key). Keyservers and gpg can’t rely on the time being valid in any meaningful cryptographic sense so they don’t do anything magic to disable a key when it’s “expired”, it’s just a date they check against the current date when the key is used. Also, anyone who is actually concerned about sending you encrypted mail or verifying your signature shouldn’t trust your blog to know what your key is…

]]>