GPG Keysigning at FUDCon

Todd Zullinger tmz at pobox.com
Thu Jan 3 02:10:49 UTC 2008


John Poelstra wrote:
> My key has expired and it is also associated with my Fedora account
> which raises a few questions to get straightened out before FUDCon:
>
> 1) Do I need to revoke my expired key?

No, you don't have to revoke it.  In fact, you can remove or extend
the expiration date and continue using your current key if you like.

> I'm not even sure if this can be done or matters.

Yes, it can be done (as long as you still have the private key, of
course).

> 2) Once I generate a new key, I assume I should add its fingerprint
> to my Fedora account--removing the existing one?

(I'll defer to someone that has more of a clue about the fedora
account system. :)

> 3) Do most people create keys that expire or is it okay to create
> one that does not?

I don't know about most people, but I think it's okay to not have an
expiration date on a key.  You can also add one later if you change
your mind.  I have no expiration date on my primary key, but I do have
one on the encryption subkey.

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Some people are like Slinkies... not really good for anything, but you
still can't help but smile when you see one tumble down the stairs.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20080102/02a187d5/attachment-0002.bin 


More information about the devel mailing list