The Case for Short OpenPGP Key Validity Periods

I will explain how OpenPGP key expiration works; how to extend the expiration time of your key; and argue why having a relatively short validity period can be ...

PGP Key Expiry is a Usability Nightmare

An OpenPGP key can have an expiry date. A PGP identity has 2 or more keys in it, so that each identity can have 2 or more expiry dates.

OpenPGP Security · open-keychain/open-keychain Wiki - GitHub

Some argue that expiry dates help keeping the keyservers clean from valid but unused keys: If a secret key is lost with an expiry date of 2 ...

OpenPGP Best Practices - Riseup.net

Don't rely on the Key ID. Check key fingerprints before importing. Key configuration. Use a strong primary key. Use an expiration date less than two years.

expiration – Simon Josefsson's blog

The Case for Short OpenPGP Key Validity Periods ... After I moved to a new OpenPGP key (see key transition statement) I have received comments about the short ...

Will the OpenPGP key fingerprint change if the certificate is extended?

By extending the validity period, a special self-signature storing the expiry date will be issued. This signature has its own timestamp included ...

On OpenPGP (GnuPG) key management – Michał Górny

Over the time, a number of developers have had problems following the Gentoo OpenPGP key policy (GLEP 63. In particular, the key expiration ...

Is it possible to set GPG key expiration time shorter than one day ...

But I still want to ask the question out just in case there is something that meets my need: Is it possible to set GPG key expiration time ...

9. Signature verification - Notes on OpenPGP

Signature verification in the OpenPGP protocol is a complex process. Many factors influence the validity of a signature. Firstly, its expiration time.

T1291 signatures to OpenPGP keys no longer expire by default if the ...

signatures to OpenPGP keys no longer expire by default if the signed key expires. Closed, WontfixPublic. Actions.

OpenPGP On The Job – Part 4: Generating Keys - itemis Blog

The choice for the expiration period is once again a trade-off between security and convenience. Short periods must be updated too often.

Generating More Secure GPG Keys: A Step-by-Step Guide

... validity period and the subkey replacement period. It would not make sense to have a shorter replacement period than expiration period, though.

PGP expiration protocole : r/GnuPG - Reddit

Expiry is to protect against loss or inactivity of the private key, which only exists on the server or, in GPGs case, in the owners keychain.

Validity period of GPG-keys

I'm caught between the devil and the deep blue sea what to advise... I guess as both long and short validity periods have their (dis)advantages,= I=20 guess ...

What is the purpose of the "validity period" in X.509 certificates?

The idea is to reduce the window of opportunity in case the private key gets compromised. Revocation is possible only if the compromised ...

Signing a key should not have a default expiry time

Most attacks involving impersonation will happen within a short time and almost certainly within the 4 year expiry. The main result of the ...

How PGP works

How does cryptography work? Conventional cryptography. Caesar's Cipher; Key management and conventional encryption. Public key cryptography; How PGP works; Keys ...

Cryptography with OpenPGP - Apache Infrastructure Website

If you have a short but uncompromised key and would like to transition to a longer one, follow these instructions. If your key has been compromised, you must ...

GPG Key Expiration Strategies in OpenTofu: A Call for Community ...

Strategy: Allow a defined grace period post-expiration. Pros ... That would mean that you are in a case where you renewed your private key ...

Working with PGP Signatures - Documentation - Central Repository

Generating a Key Pair⚓ ... Enter your name and email when asked for it and also, the time of validity for the key defaults to 2 years. Once they key is expired ...