On 2017/06/02 14:06, Peter Lebbing wrote:
> On 02/06/17 14:42, Lionel Elie Mamane wrote:
>> However, if I publish the secret signing subkey after it expires,
>> the cryptographic certainty is gone.
>
> Heh, that's an interesting take on it. Thanks for sharing it.

The main motivation for publishing a signing secret after use is repudiability. But for that to work properly, your correspondents need to know that you've published the secret, and you also need to have confidence that they know. Synchronous protocols like OTR do this well. PGP is highly asynchronous, with typically very infrequent key refresh cycles, and intentionally publishing secret material - even for revoked keys - runs the risk of your correspondents getting scammed during the refresh interval. A
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users