Hi Paul,   
      
   On 2017-10-26 11:55:31, I wrote to you:   
      
    WvV> And I just read that you can always extend the expiration date on an   
    WvV> already expired key, and send that out to the key servers. So there   
    WvV> is no reason to not use an expiration date on keys. I think I'm gona   
    WvV> set mine to 5 years...   
      
   This explains it very well:   
      
      
   Use an expiration date less than two years.   
      
   People think that they don't want their keys to expire, but you actually do.   
   Why? Because you can always extend your expiration date, even after it has   
   expired! This "expiration" is actually more of a safety valve or "dead-man   
   switch" that will automatically trigger at some point. If you have access to   
   the secret key material, you can untrigger it. The point is to setup something   
   to disable your key in case you lose access to it (and have no revocation   
   certificate).   
      
   Setting an expiration date means that you will need to extend that expiration   
   date sometime in the future. That is a small task that you will need to   
   remember to do (see next item about setting a reminder).   
      
   You may think that is annoying and you don't want to deal with it, but it is   
   actually good to be doing this on a regular basis so you keep your OpenPGP   
   skills fresh. It indicates to users that the key is still active, and that the   
   keyholder is using it, and gives you an opportunity to review the current   
   state of your tools, and best practices. Also, many people will not sign a key   
   that has no expiration date!   
      
   Source: https://preview.tinyurl.com/y77auelm   
      
      
   Bye, Wilfred.   
      
   --- FMail-lnx64 2.1.0.18-B20170815   
    * Origin: FMail development HQ (2:280/464)