Cryptographic key pairs should not be used forever. They must be updated over time. As a result, every organization needs to consider two important issues:
Updating users' key pairs
The process of updating keys pairs should be transparent to users. This transparency means users do not have to understand that key update needs to take place and they will never experience a "denial of service" because their keys are no longer valid. To ensure transparency and prevent denial of service, users? key pairs must be automatically updated before they expire.
Maintaining histories of key pairs
When encryption key pairs are updated, the history of previous decryption keys must be maintained. This "key history" allows users to access any of their prior decryption keys to decrypt data. (When data is encrypted with a user's encryption key, only the corresponding decryption key-the paired key-can be used for decrypting). To ensure transparency, the client-side software must automatically manage users? histories of decryption keys.
The key history must also be securely managed by the key backup and recovery system. This allows encrypted data to be recovered securely, regardless of what encryption public key was used to originally encrypt the data (and, by extension, regardless of when the data was encrypted).
When a signing key pair is updated, the previous signing key be securely destroyed. This destruction prevents any other person from gaining access to the signing key and is acceptable because there is no need to retain previous signing keys.