BGP in the Washngton Post

I assume the vast majority of these cases are when the person leaves with no indication of malicious intent. In those cases, it might be possible to perform the key rollover with a relatively long grace period in which both keys are valid. Wouldn't that help reduce churn?

it's actually nearly impossible to tell this... so the 'best' option
is to do the changes required as quickly as is safe for your network.

yes, it sucks... you know what sucks more? when 2 people leave on adjacent days.