On Mon, Jul 29, 2013 at 10:12 PM, Chris Bannister <cbannis...@slingshot.co.nz> wrote:

> On Mon, Jul 29, 2013 at 09:16:50PM +0900, Joel Rees wrote:
> > On Sun, Jul 28, 2013 at 10:12 PM, Henrique de Moraes Holschuh <
> > > Switching to a new one and disposing of the older one is, for whatever
> > > reason, usually called "rotating the keys".
> >
> > Probably because of perceived similarities to rotating logs?
>
> Unlikely. Two completely different concepts.


How so?

A log is a resource. When it's time to move on, use a new resource.

A key is a resource. When it is time to move on, use a new key.

The difference being of course that the log is renamed and left behind for
a bit, where the key is not left behind. Maybe moved to the list of keys to
be watched for. Speaking of which, PKI techniques would indeed move the old
keys to the revocation list.


> My guess is that they were
> actually rotated at some point but when that changed, the name was not.
>

Do you mean actually recycled? Or are you thinking of one-time pads?

--
Joel Rees
