Anthony Towns <aj@azure.humbug.org.au> writes:

> No, a key is only as good as (a) how hard it is to break; and (b) how
> easy it is to trust. Key rotation helps make it harder to break (since
> the 2004 key won't do you much good now); and also forces us to consider
> how to make new keys easy to trust, which we otherwise might neglect.

Looking at the parenthesis: the 2004 key would have been quite valuable a week ago. It could have been used to sign a fake 2005 key. Oh wait: *it still can be*. And once the 2004 key expires, that should mean that now I have no reason to trust the 2005 key. (Except for the fact that it's signed by AJT. But then, why not just use that as the archive key directly?)

> So you need something more than just "I trust AJ". No one's worked out
> exactly what that should be yet.

Yeah. I don't mean that rotation is bad, just that it seems at best only one small part of the puzzle, and it's not clear to me what the other parts should look like. Still, we can only put the puzzle together one piece at a time.