On Jan 24, 2009, at 2:15 PM, David Newman wrote:
Michael Lucas' gpg/pgp book recommends setting a relatively short
expiration time, such as a year, for personal keys.
Would an expired key still work into the future? If, for example, I
sign/encrypt a file today using a key that expires next year, would
I be
able to decrypt the file three years from now?
Yes.
I've been using a key that never expires to sign/encrypt mail and
files
on the assumption that keys with discrete lifetimes don't work after
their expiration dates.
That is not the case. You won't be able to make new signatures or
encrypt new files with an expired key, but you can still verify old
signatures and decrypt old files after expiration.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
