diff --git a/DigitalData.Core.Security/RSAFactory.cs b/DigitalData.Core.Security/RSAFactory.cs
index e5c0250..3a5af5f 100644
--- a/DigitalData.Core.Security/RSAFactory.cs
+++ b/DigitalData.Core.Security/RSAFactory.cs
@@ -7,6 +7,17 @@ namespace DigitalData.Core.Security
 {
     public class RSAFactory<TRSAFactoryParams> : IRSAFactory<TRSAFactoryParams> where TRSAFactoryParams : RSAFactoryParams
     {
+        public static string DefaultRSAKeyNameFormatter(string separator, string issuer, string audience, string visibilityTag, DateOnly expiration, Version? passwordVersion = null)
+        {
+            var sb = new StringBuilder(issuer.Length + audience.Length + separator.Length * 2 + 20);
+            sb.Append(issuer).Append(separator).Append(audience).Append(separator).Append(visibilityTag).Append(separator).Append(expiration);
+
+            if (passwordVersion is not null)
+                sb.Append(separator).Append(passwordVersion);
+
+            return sb.ToString();
+        }
+
         private static readonly Lazy<RSAFactory<RSAFactoryParams>> LazyInstance = new(() => new(Options.Create<RSAFactoryParams>(new())));
 
         public static RSAFactory<RSAFactoryParams> Static => LazyInstance.Value;
@@ -14,25 +25,7 @@ namespace DigitalData.Core.Security
         private readonly RSAFactoryParams _params;
 
         private readonly IEnumerable<string> _lowerFileTags;
-
-        //TODO: make the validation using regex
-        public static string DefaultRSAKeyNameFormatter(string separator, string issuer, string audience, string encryptedPrivateKeyFileTag, string privateKeyFileTag, string publicKeyFileTag, bool isPrivate = true, Version? passwordVersion = null)
-        {
-            var sb = new StringBuilder(issuer.Length + audience.Length + separator.Length * 2 + 20);
-            sb.Append(issuer).Append(separator).Append(audience).Append(separator);
-
-            if (passwordVersion is null && isPrivate)
-                sb.Append(privateKeyFileTag);
-            else if (isPrivate)
-                sb.Append(encryptedPrivateKeyFileTag).Append(separator).Append(passwordVersion);
-            else if (passwordVersion is null)
-                sb.Append(publicKeyFileTag);
-            else
-                sb.Append(publicKeyFileTag).Append(separator).Append(passwordVersion);
-
-            return sb.ToString();
-        }
-
+        
         private readonly PbeParameters _pbeParameters;
         
         public RSAFactory(IOptions<TRSAFactoryParams> options)
@@ -43,6 +36,7 @@ namespace DigitalData.Core.Security
             _pbeParameters = new PbeParameters(_params.PbeEncryptionAlgorithm, _params.PbeHashAlgorithmName, _params.PbeIterationCount);
         }
 
+        //TODO: make the validation using regex
         public void ValidateFormatterParams(string issuer, string audience)
         {
             void ValidateForbidden(string value, string paramName)