Anthony Towns <aj@azure.humbug.org.au> writes: > On Fri, Jan 06, 2006 at 12:12:50AM -0800, Thomas Bushnell BSG wrote: >> Anthony Towns <aj@azure.humbug.org.au> writes: >> > No, a key is only as good as (a) how hard it is to break; and (b) how >> > easy it is to trust. Key rotation helps make it harder to break (since >> > the 2004 key won't do you much good now); and also forces us to consider >> > how to make new keys easy to trust, which we otherwise might neglect. >> Looking at the parenthesis: the 2004 key would have been quite >> valuable a week ago. It could have been used to sign a fake 2005 key. >> Oh wait: *it still can be*. > > It shouldn't be, since the 2004 key expired almost a year ago. Maybe we > should be revoking expired keys as well.
Sorry, I meant 2005. I forgot the new year; now I see the point you were making, and that makes sense to me. Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
