**Se7en** @se7en@freespeechextremist.com · Mar 13, 2021, 23:20

**Se7en** @se7en@freespeechextremist.com · Mar 13, 2021, 23:20

Se7en @se7en@freespeechextremist.com

Mar 13, 2021, 23:20

Se7en @se7en@freespeechextremist.com

PGP Question

In 2020, I generated new keys in a form that I previously had not done. I had made a primary key, along with a sub-signing and a sub-encyption key. These keys expire soon, but the main key is still valid. Should I change their expiration date? If I let these keys expire, and generate new keys for sign/encrypt does it break Web of Trust?

**Se7en** @se7en@freespeechextremist.com · Mar 13, 2021, 23:40

**Se7en** @se7en@freespeechextremist.com · Mar 13, 2021, 23:40

Mar 13, 2021, 23:40

Se7en @se7en@freespeechextremist.com

I have changed their experation date. However, another question arises. Have I accidently made two keys for encryption?
2021-03-13-154126_492x132_scrot.png

2021-03-13-154126_492x132_scrot.png?name=2021-03-13-154126_492x132_scrot.png

**Peter Todd** @pete@petertodd.org · Mar 13, 2021, 23:54

**Peter Todd** @pete@petertodd.org · Mar 13, 2021, 23:54

Mar 13, 2021, 23:54

Peter Todd @pete@petertodd.org

@se7en I believe you have. That's not a fatal problem. But it could be annoying if you generated those keys on hardware devices.

Re: Web-of-Trust, the web-of-trust attests to identities, via the master key. So adding new subkeys doesn't break it.

Re: expiration, you absolutely can just extend the expiration. I've done that with my key repeatedly.

**Se7en** @se7en@freespeechextremist.com · Mar 14, 2021, 00:03

**Se7en** @se7en@freespeechextremist.com · Mar 14, 2021, 00:03

Mar 14, 2021, 00:03

Se7en @se7en@freespeechextremist.com

@pete I know I can extend (or in this case revoke) my expiration. I was simply concerned about the fact that the subkeys were set to expire on Mar 20. This is the first time I've ever used this subkey setup. Also, for my personal PGP it was the first time I used pgp in a truly professional setting (confirming/signing correspondance with the court).

**Peter Todd** @pete@petertodd.org · 2021-03-14T00:09:15Z

Peter Todd @pete@petertodd.org

@se7en Ah, I think I see what you mean. Yes, letting those keys expire, as well as extending the expiration, is fine. And as I said, changes to subkeys doesn't affect the WoT.

Sounds like you already know understand this fully, but note that the recipients actually need to get a copy of your updated key for any of this to take effect from their perspective. So in practice, push it to keyservers (which are kinda broken these days...) and/or send a copy directly.

I hope that helps!

Mar 14, 2021, 00:09 · · Web · · ·

**Se7en** @se7en@freespeechextremist.com · Mar 14, 2021, 00:08

**Se7en** @se7en@freespeechextremist.com · Mar 14, 2021, 00:08

Mar 14, 2021, 00:08

Se7en @se7en@freespeechextremist.com

@pete I already pushed it to the keyservers and uploaded it ot the reliable sites. What about my follow-up question

Trending now

Resources

Developers

What is Mastodon?

petertodd.org

More…