Certificates and keys have a certain duration. Various factors play into the lifespan of a particular key. Several things can occur to impact the lifespan of a key such as being compromised or revoked.
There’s also an expiration date for keys. As is the case with a driver’s license or credit card, keys are considered valid for a finite amount of time. Once that time period has expired, the key must be renewed or replaced.
Centralized versus Decentralized Keys: PKI applications use different types of key management.
The hierarchical model uses centralized key management. The centralization is based on all of the public keys being stored within one location. Older applications of PGP used decentralized key management, because keys would be contained in a user’s key ring and no one entity is superior over another. The choice to use either centralized or decentralized key management correlates to the size of the organization.
With older versions of PGP, you could only hold the keys of those PGP users that you trust. For larger organizations where thousands of employees are required to use digital signatures when communicating, managing PGP keys would be impractical. In either case (centralized or decentralized), a secure method of storing those keys must be established.
