Jørgen Lysdal wrote:
> 2006/6/28, Werner Koch <[EMAIL PROTECTED]>:
>> I can see no reason for using a valid from key. Simply create it when
>> you need it.
I can imagine that it makes sense for a key with
no subkeys. You can already collect signatures
before you actually use the key.
In the case of subkeys that seems to be not
necessary.
> For me, creating a key is a one-time-thing, why not add some sub´s from
> the start, so i dont have to mess with it later?
Well, producing cryptographic material years ahead does
not really sound like very good idea. The used algorithms
may have already proven to be insecure by the time the
key get's valid. And advances in hardware technology and
crpytographic attacks may enable an attacker to spend plenty
of time on hacking your key in advance.
These issues might render the key useless before the "start
from" date is actually reached.
So it's the usual trade off between convenience and
security...
Cheers, Olaf
--
Dipl.Inform. Olaf Gellert PRESECURE (R)
Senior Researcher, Consulting GmbH
Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED]
A daily view on Internet Attacks
https://www.ecsirt.net/sensornet
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
