Adam Back asks:
What happens in this scenario with pgp5.0, or pgp5.5:
[Replacement of encryption key and deletion of old private part.]
If you do this, you won't be able to read your old mail folder,
because you no longer have the key it was encrypted to.
Does this imply that you must keep the private key for perpetuity?
(Or at least as long as you want to read old mail archives).
These are good questions. The issue of dealing with retired encryption
keys raises many operational complications. Not only email, but any other
files which may have been encrypted with the key being replaced are at
risk of being lost.
It could be that it will be appropriate to save the old private key
in some secure location. Because it would not have to be accessed very
often if at all, the secure storage could be made relatively inaccessible.
Or perhaps software could sweep your disk to find data encrypted with the
old key, and re-encrypt it with the new one. Whatever solution is chosen
will have to be based on input from customers, so that we have a safe
and manageable way of dealing with retired keys.
I should clarify that PGP 5.0 and 5.5 do not currently provide user
interfaces for replacing encryption keys. The data structures allow it,
and the library is designed to transparently handle the case of a key
with many encryption subkeys, where only one is still valid. So once a
user interface is created to allow people to retire and replace subkeys,
the keys will be handled properly by the existing products.
Hal Finney
hal(_at_)pgp(_dot_)com
hal(_at_)rain(_dot_)org