Am Di 03.12.2013, 19:03:13 schrieb Robert J. Hansen: > 1. The attacker can just extend the validity himself. He's > successfully compromised the key, after all.
Sure but it makes little sense to play best practice in one part of key management (expiration) and simultaneously worst practice (online mainkey) in a much more important part of key management. Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/ http://userbase.kde.org/Concepts/OpenPGP_Help_Spread OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
