David Newman (25.01.2009 01:15): > Michael Lucas' gpg/pgp book recommends setting a relatively short > expiration time, such as a year, for personal keys. > > Would an expired key still work into the future? If, for example, I > sign/encrypt a file today using a key that expires next year, would I be > able to decrypt the file three years from now?
While you keep the private key on the keyring, you may continue to use it for decryption (and everybody else would be able to use the corresponding public key for signature verification) even after it has expired or been revoked. You, however, will not be able to use it for signing, and others won't be able to encrypt data with the public key. > I've been using a key that never expires to sign/encrypt mail and files > on the assumption that keys with discrete lifetimes don't work after > their expiration dates. > > thanks > > dn -- SATtva | security & privacy consulting www.vladmiller.info | www.pgpru.com _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users