I choose no expiration keys.
We generate the master key using the --expert flag to make sure the master key can only "certify" (sign other keys), and not sign or perform encryption.
$ gpg --expert --gen-key
gpg (GnuPG) 1.4.11; Copyright (C) 2010 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.