-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On Monday 31 July 2017 at 10:11:16 PM, in <mid:caj-6natde3hhkzu0d-zgo0wpmyxpnngx+fjytbckxwnvzmn...@mail.gmail.com>, Gabriel Philippe wrote:- > A good practice is to define close expiration dates > for keys and > subkeys, and regularly postpone them (or renew > subkeys), which is only > possible with the "master" offline key and not with > the possibly > compromised subkeys. This forces those people who > never refresh keys > to do it, or complain, or for most of them abandon > PGP because they > get painful warnings and this stupid thing does not > work. Shouldn't "auto-key-locate" in their gpg.conf take care of this? > Furthermore, if you start sending messages signed > with a new subkey, > people who have not refreshed your key will get error > messages, > hopefully refresh the key (or complain or abandon > PGP), and get both > the revocation certificates and the new subkeys. > Without even having > to understand what happens. Doesn't "auto-key-retrieve" in their gpg.conf take care of this? - -- Best regards MFPA <mailto:2014-667rhzu3dc-lists-gro...@riseup.net> COMMITTEE: A body that keeps minutes and wastes hours. -----BEGIN PGP SIGNATURE----- iNUEARYKAH0WIQQzrO1O6RNO695qhQYXErxGGvd45AUCWYBp+V8UgAAAAAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNB Q0VENEVFOTEzNEVFQkRFNkE4NTA2MTcxMkJDNDYxQUY3NzhFNAAKCRAXErxGGvd4 5FEIAQDvA6JSDkleHhXh9GlhvFrjXA2L87L/PioEPaQULJ3IaAD9FNehHS/P81Wm 4+Cmo/2cBDXJuGCI2LLYgWoX7DoINAGJAZMEAQEKAH0WIQSzrn7KmoyLMCaloPVr fHTOsx8l8AUCWYBp+V8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0QjNBRTdFQ0E5QThDOEIzMDI2QTVBMEY1NkI3 Qzc0Q0VCMzFGMjVGMAAKCRBrfHTOsx8l8CjvCACqKuwJx4kkMUmTZi53BRiw/DRU Cvo8jMR412LTBATmjfbvHanv60+k+Xr/s6suzZuHDdGzePBED+Dm6Vcka6EfPAF8 DCmEBMJ4g+kduy3AyoHuuRS97h17KTfCsqeyfiKQ2gKBh1xNkW83NOj8gJxJu/PO fbKuEcPWxIUVtU7UDIAQH5YtqKn56X/qAJg0jpKX6+BG4+0Bp+UCpiDxwL2VlVdI OQeC6TZw2aAGKN5eIDtOcJjj2Td2BazHyiNGbYCkjKcZUT2DBuYXl+ZTxPr6jAKd q/qa5k0hL+mZJlBj+jR4SbpvoL1XFDWtNWBgyUjE/1W1jhROdBZW7V7CLRLR =OdAB -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
