Microsoft KB Archive/152686

= XCLN: How Expired Encryption Key Pairs Work =

Article ID: 152686

Article Last Modified on 8/16/2005

-

APPLIES TO


 * Microsoft Exchange Client 4.0
 * Microsoft Exchange Client 5.0
 * Microsoft Exchange Client 4.0
 * Microsoft Exchange Client 5.0
 * Microsoft Exchange Client 4.0
 * Microsoft Exchange MS-DOS client 5.0

-



This article was previously published under Q152686



SUMMARY
By default, the Key Management Server in Microsoft Exchange Server provides public/private key encryption pairs that expire after 18 months. This cannot be changed.



MORE INFORMATION
You can still read messages encrypted with your older key pairs. A history of your encryption key pairs is maintained in both the .EPF file for client use, as well as in the KM Server database for key escrow purposes.

Old signatures will fail verification with the following error message:

A Signature has expired error.

However, all of the other conditions (message not altered, signature not suspended, etc.) will pass.

Keywords: kbother KB152686

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.