The expiration date of a key accompanies the public key in a certificate or
a directory listing. The signature verification program should check for
expiration and should not accept a message signed with an expired key. This
means that when one's own key expires, everything signed with it will no
longer be considered valid. Of course, there will be cases where it is
important that a signed document be considered valid for a much longer
period of time; Question 3.3.17 discusses ways to achieve this.
After expiration, the user chooses a new key, which should be longer than
the old key, perhaps by several digits, to reflect both the performance
increase of computer hardware and any recent improvements in factoring
algorithms. Recommended key length schedules will likely be published. A
user may recertify a key that has expired, if it is sufficiently long and
has not been compromised. The certifying authority would then issue a new
certificate for the same key, and all new signatures would point to the new
certificate instead of the old. However, the fact that computer hardware
continues to improve argues for replacing expired keys with new, longer keys
every few years. Key replacement enables one to take advantage of the
hardware improvements to increase the security of the cryptosystem. Faster
hardware has the effect of increasing security, perhaps vastly, but only if
key lengths are increased regularly: the cost of legitimate signing and
verification grows only polynomially in the key length, whereas the cost of
the best known factoring algorithms grows much faster, so each added bit
helps the legitimate user more than the attacker (see Question 3.4.5).