On 12.12.2018 22:35, Andrew Luke Nesbit wrote: > My subkeys expired on Monday, 10/12/2018. I've updated my subkeys with > a new expiration date (in one year). I'm considering NOT uploading the > new public keys to the keyservers. Rather, I will distribute them using > other channels, such as downloading from my personal website or sneakernet. > > Should I issue and publish a revocation certificate? Will this cause > problems considering that I'm still using the same master key?
I don't think revocation is necessary if the private subkeys are still safe. It may be just inconvenient for people that want to contact you / verify your signatures to see your subkeys expired and when they "gpg --refresh-keys" (as they always do) your key would still be expired with no apparent way of proceeding. If I saw something like that I'd think the key is abandoned. If you had HTTPS on your site I'd recommend Web Key Directory as this downloads keys from your site *and* refreshes expired keys from your site too automatically. Kind regards, Wiktor -- https://metacode.biz/@wiktor _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users