ietf-openpgp

Re: Behavior of implementations regarding certain key material

2000-05-30 07:40:45
"William H. Geiger III" <whgiii(_at_)openpgp(_dot_)net> writes:

> Why can't you set an expiration time for the signature? This would seem
> the optimal way to do this.

AFAIK, there are implementations which use expired certificates in
validity calculations.  The certificate is used once to propagate
trust, and if the neighborhood of the web of trust doesn't change,
nothing happens if a certificate expires.

> Well either you need to have some standardization or you are going to have
> everyone doing their own thing.

I believe that everyone shall build his own web of trust as he sees
fit, but that's more a political statement than a technical one, of
course.  But I do want to have control over the validity of
certificates issued by myself, that's the reason why I think that some
standardization (i.e. some necessary (but not sufficient) conditions
for certificate and key validity) is very useful.

> While I don't think a rigid RFC would be
> needed I do think a separate informational RFC would be advised.

Yes, that was our internal conclusion as well.  Oliver Goebel
<goebel(_at_)rus(_dot_)uni-stuttgart(_dot_)de> is preparing such a document.  In
addition, the document will contain recommendations for interactive
OpenPGP implementations in borderline situations (just as an example,
what to do if a chain of trust can be established to a key, but some
of the links are expired certificates? -- the user should be given the
choice not to use the key, use it anyway, or sign it locally to
prevent future questions).

> From the point of view of interoperability it will be important for
> developers to know how the WoT is being handled by the various vendors.
> The major issue is keyring sharing.

I don't think this is a problem.  Vendors can provide suitable
conversion programs.  In fact, OpenPGP implies a rather canonical key
ring exchange format (simple concatenation of keys), and I think all
OpenPGP implementations can handle this format.

On the other hand, say if a secret key is protected by a passphrase
and an OpenPGP-optional symmetric cipher, there will always be
implementations which cannot do anything useful with it, simply
because the actual key material is protected by an unsupported cipher.

(Direct key ring sharing doesn't make sense anyway because the actual
key ring data structure depends heavily on the given application.
Locking is another issue.)

-- 
Florian Weimer                    
Florian(_dot_)Weimer(_at_)RUS(_dot_)Uni-Stuttgart(_dot_)DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898
http://ca.uni-stuttgart.de:11371/pks/lookup?op=get&search=0xC06EC3B5
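
The "simple concatenation of keys" exchange format mentioned in the message above can be split back into individual keys by walking the OpenPGP packet headers (RFC 2440 section 4.2). This is an added example, not code from the post or from any implementation discussed; `read_packet` and `split_keyring` are hypothetical names, and the sample bytes are constructed with placeholder packet bodies.

```python
PUBLIC_KEY, SECRET_KEY = 6, 5  # packet tags that start a new key in a key ring


def read_packet(buf, pos):
    """Return (tag, body_start, body_end) for the packet starting at pos."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError(f"offset {pos}: not an OpenPGP packet header")
    if first & 0x40:  # new-format header: tag in bits 5-0
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            start, length = pos + 2, o1
        elif o1 < 224:
            start, length = pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        elif o1 == 255:
            start, length = pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        else:
            raise ValueError("partial body lengths are not valid for key packets")
    else:  # old-format header: tag in bits 5-2, length type in bits 1-0
        tag, ltype = (first >> 2) & 0x0F, first & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported here")
        start = pos + 1 + (1 << ltype)  # 1, 2 or 4 length octets
        length = int.from_bytes(buf[pos + 1:start], "big")
    if start + length > len(buf):
        raise ValueError(f"offset {pos}: packet runs past end of input")
    return tag, start, start + length


def split_keyring(buf):
    """Split concatenated keys; each key starts at a tag 6 or tag 5 packet."""
    keys, pos, key_start = [], 0, None
    while pos < len(buf):
        tag, _, end = read_packet(buf, pos)
        if tag in (PUBLIC_KEY, SECRET_KEY):
            if key_start is not None:
                keys.append(buf[key_start:pos])
            key_start = pos
        elif key_start is None:
            raise ValueError("key ring does not begin with a key packet")
        pos = end
    if key_start is not None:
        keys.append(buf[key_start:])
    return keys


# Constructed sample: key A (old-format headers) followed by key B (new-format).
KEY_A = bytes([0x99, 0x00, 0x03]) + b"AAA" + bytes([0xB4, 0x02]) + b"u1"
KEY_B = bytes([0xC6, 0x03]) + b"BBB" + bytes([0xCD, 0x02]) + b"u2"
```

An importer built this way fails closed on a truncated or malformed ring instead of silently importing a partial key.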