ietf-openpgp
[Top] [All Lists]

Expiration dates (was: Rip Van Winkle awakes: meeting in Oslo?)

1999-07-09 07:44:43
Bodo Moeller <in5y094(_at_)public(_dot_)uni-hamburg(_dot_)de> writes:

The self-signature!  Not the whole key, unless you don't re-validate.
For this, a signature validity period should be used, not a key

IIRC, I have never seen a direct key signature with an expiration date 
- so the only available expiration date is the one from the (latest)
self-signature on a user ID.

I have considered to add the expiration date to the key but there
is no strategy defined how to process multiple expiration dates.
I think this should be addressed in the next revision of OpenPGP along
with some other similar issues (e.g. can a revocation of a 
self-signature on a user ID been overridden by a newer
self-signature).


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013


<Prev in Thread] Current Thread [Next in Thread>