Hi Paul,   
      
   On 2017-10-26 22:08:17, you wrote to All:   
      
    PH> How long do you suggest a key should be valid for?   
      
   That depends, on your use case. ;)   
      
   I make mine valid forever. In hindsight that might not have been a good idea.   
   I have some keys from the early 90's that I don't remember the passwords of,   
   that just take up space on the keyservers, but I can't do anything with.   
      
    PH> I'm not certain, I'd set an expiry on one I created with an open end   
    PH> value in 2016 to 2018 y/day but now I'm wondering if that's a wise   
    PH> move or not?   
      
   It seems a rather short period.   
      
    PH> I say that as my limited understanding of keys so far is that they   
    PH> gain greater trust when signed by others but if I expire a key after   
    PH> only less than 12 months to go then surely I have to start all over   
    PH> again with getting the new on signed etc. so in my mind it's a   
    PH> disincentive to expire it?   
      
   If you sign your new key with the old one, there is a web of thrust that goes   
   back to the signers of the old key. But I don't know how that works with   
   expired keys. There is probably less thrust when there are expired keys   
   involved.   
      
    PH> Thoughts welcome.   
      
   Whatever period you choose, at least generate revokation certificates and keep   
   them in a save place, so if you loose the passwords of your key you can still   
   revoke them...   
      
   And I just read that you can always extend the expiration date on an already   
   expired key, and send that out to the key servers. So there is no reason to   
   not use an expiration date on keys. I think I'm gona set mine to 5 years...   
      
   Bye, Wilfred.   
      
   --- FMail-lnx64 2.1.0.18-B20170815   
    * Origin: FMail development HQ (2:280/464)