On Thursday 05 May 2011, Hauke Laging wrote: > Am Donnerstag, 5. Mai 2011, 11:19:30 schrieb Werner Koch: > > A > > period key change is problematic because it confuses those who want > > to verify the signatures. > > > > BTW, the prolongation of the expiration time has showed (by means > > of a lot of complaining mails) that many folks don't refresh the > > key from time to time with the goal to retrieve revocation > > certificates. > > What is the difference between these two options with respect to the > point of confusion?
Unless I'm missing something the difference is as follows: - With prolongation of the expiration time releases signed before the prolongation will keep having a valid signature. - If one creates a new subkey then releases signed with the old expired subkey(s) will have an invalid signature. One would have to re-sign the old releases with the new subkey. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users