On Sun, Jul 06, 2014 at 12:53:26PM +0100, MFPA wrote: > At the same time, would you advocate decrypting all your encrypted > files and encrypting them to the new key? Or were you just referring > to encrypted communications?
It depends on how important the data is. Of course, if the data is so important, when the expiration time comes, all the data encrypted with the old key need to be decrypted and encrypted with the new generated key. Although it's not truly necessary to do this work when the data is no longer considered as important. For encrypted communication, it's better to use the new generated key when the expiration time comes. I don't enforce my idea to be applied by everyone. This is an advice for myself to do a good gpg practice. Someone may refer to a key revocation rather than enforcing an expiration time. That's also good practice. I believe everyone of you has a method to prevent quantum cryptodecryption on your public keys.
pgpPmL4nIesuE.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
