ietf-openpgp

Re: Behavior of implementations regarding certain key material

2000-05-31 16:12:44
The question arises, what is the purpose or meaning of expiration dates
on keys and signatures.

In the case of keys, expirations have a couple of purposes.  One is
to reduce the attractiveness of the key as a target.  A key with an
indefinite lifespan is more valuable if stolen or cracked than one
which will expire in the near future.  This is especially true in the
context of a brute force attack which may take a long time to mount.
By giving the key an expiration date it may be effectively impossible
to break the key before it expires, so no one would even try.

A related purpose is to limit the damage if the key falls into someone
else's hands.  Ideally you will recognize when this happens and revoke the
key, but the breach may not always be detected.  Giving keys a limited
lifetime and rolling over to new keys periodically will reduce the harm
from this cause.

In the case of signatures I think things are quite different.  Signature
expirations seem primarily used for the case where the certified
information becomes incorrect or obsolete.  In PGP we normally certify
name and email address.  Name is unlikely to change, but people do get
new email addresses relatively frequently.  It may be appropriate for
a signature on an email address to expire periodically, with it being
re-issued if the email address is still valid.

Related to this, some systems may use certification by certain keys as an
authorization method.  Any key signed by the corporate key automatically
gets access to the company network, for example.  When someone quits
their certification gets revoked, but due to difficulties in ensuring
that revocation signatures propagate, putting an expiration in the
original cert provides extra insurance.  Again, valid certs would be
re-issued periodically.

Any other purposes which I have missed?

Given this analysis, it's not clear to me that expired signatures should
be ignored in trust calculations.  Suppose I trust Alice, who has signed
Bob's key, and I also trust Bob.  If Alice's signature on Bob's key
has expired, should I no longer trust signatures made by Bob's key?
Bob is still the same person he always was.  Maybe the sig on his key
has expired because he no longer works at Alice's company, but that
doesn't change who he is.

The purpose of Alice's signature was to identify Bob, not to say that
he is trustworthy.  I am the one who made that latter determination.
Given that Alice at one time certified Bob's identity, the fact that her
certification has expired doesn't change the fact that I still trust him.

In at least some cases, then, it might be reasonable to continue to use
expired signatures in trust calculation.

Hal
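A small Python model of the trust calculation Hal discusses, added here as an illustration; it is not code from the post or from any OpenPGP implementation. It assumes a simplified certification record (signer, subject, optional expiration, revocation flag) and a local set of trusted introducers, and contrasts the "ignore expired signatures" rule with keeping expired, but not revoked, certifications as evidence that an identity was once verified.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Set


@dataclass(frozen=True)
class Certification:
    """Assumed model of a key signature: `signer` certifies the identity
    bound to `subject`. Not OpenPGP packet syntax, only the fields the
    argument needs."""
    signer: str
    subject: str
    expires: Optional[date] = None   # None: the certification never expires
    revoked: bool = False


def cert_state(cert: Certification, today: date) -> str:
    """Revocation wins over expiration; otherwise compare the date."""
    if cert.revoked:
        return "revoked"
    if cert.expires is not None and today > cert.expires:
        return "expired"
    return "current"


def key_valid(subject: str, certs: List[Certification], introducers: Set[str],
              today: date, keep_expired: bool) -> bool:
    """Identity validity of `subject`: at least one certification from a key
    the local user trusts as an introducer. Revoked certifications never
    count. Expired ones count only when keep_expired is True (the post's
    position); keep_expired=False is the 'ignore expired signatures' rule."""
    for c in certs:
        if c.subject != subject or c.signer not in introducers:
            continue
        state = cert_state(c, today)
        if state == "current" or (keep_expired and state == "expired"):
            return True
    return False


def accept_data_signature(signer: str, certs: List[Certification],
                          introducers: Set[str], today: date,
                          keep_expired: bool) -> bool:
    """A data signature by `signer` is accepted only if the signer's key is
    valid. The local user's own opinion of the person (owner trust) does not
    by itself make the key valid, which is the gap the post points at."""
    return key_valid(signer, certs, introducers, today, keep_expired)


# Constructed scenario from the post: the local user trusts Alice as an
# introducer, and Alice's certification of Bob's key expired before today.
TODAY = date(2000, 5, 31)
CERTS = [Certification("Alice", "Bob", expires=date(2000, 1, 1))]
INTRODUCERS = {"Alice"}

if __name__ == "__main__":
    for keep in (False, True):
        print(f"keep_expired={keep}: accept Bob's signatures ->",
              accept_data_signature("Bob", CERTS, INTRODUCERS, TODAY, keep))
```

Under the ignore rule Bob's key drops out of validity the day Alice's certification lapses, even though nothing about Bob's identity changed; under the keep rule only a revocation removes it.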