On 26/10/14 12:56, Hauke Laging wrote: > I do admit that this may be interesting for certain people but I guess that > this tool does not do "that" but solves a completely different problem.
However, it does broadly correspond to your later comments about periodically refreshing even before the expiry date. And more importantly, an implementation of refresh-on-expiry might actually be done as a new mode of the existing tool parcimonie, leveraging the code that has already been written. And you get parcimonie's features as a bonus, i.e., not exposing too much about when you use keys and what keys you have. I'm suggesting that automatic runs of parcimonie should schedule a refresh of a key when a key is close to expiry. It seems to me postponing the refresh to the first moment you use an already expired key leaks more metadata than necessary, i.e., that you are about to encrypt to that key. However, some thought needs to go into when and how often to check keys close to expiry. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
