ietf-openpgp

Re: Behavior of implementations regarding certain key material

2000-05-31 17:15:27
hal(_at_)finney(_dot_)org, at 16:21 -0700 on Wed, 31 May 2000, wrote:

> Given this analysis, it's not clear to me that expired signatures should
> be ignored in trust calculations.  Suppose I trust Alice, who has signed
> Bob's key, and I also trust Bob.  If Alice's signature on Bob's key
> has expired, should I no longer trust signatures made by Bob's key?
> Bob is still the same person he always was.  Maybe the sig on his key
> has expired because he no longer works at Alice's company, but that
> doesn't change who he is.

However, it is possible that his identity has changed.  Perhaps Alice was
signing Bob's position in the company.  Bob's position can change, and
Alice decided when she signed whether she believes Bob's position to be
static or variable information, by deciding on having the expiration or
not.  It is not up to you to decide whether what Alice signed was what she
believes to be permanent or temporary information; she decides that.

If she signed what you believe to be a "permanent identity" (e.g., name)
with an expiration attached, one conclusion you could draw is that
a refinement of his identity may possibly be needed in the future when the
signature expires (perhaps another Bob Smith comes into the company, and
more identifying information is needed).

In the end, as time goes on, no identifier created so far will point
directly to the entity known as Bob forever.  This is what the sig
expirations can be thought of as indicating, that the signer can only
assure himself/herself that the signed, confirmed identity can be trusted
for at most the length of the signature.  Whether that information is
believed to be static or permanent is decided by the signer, not by you.
And if you don't trust the signer to make those distinctions, that's your
decision on your end.

-- 
Frank Tobin             http://www.uiuc.edu/~ftobin/

"To learn what is good and what is to be valued,
those truths which cannot be shaken or changed."  Myst: The Book of Atrus
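The trust calculation the two positions above disagree about, as an added example that is not code from this thread or from any OpenPGP implementation: a toy key-validity check over constructed certifications, with a switch for whether an expired certification still counts. The key IDs, dates and the rule that one fully trusted certifier suffices are assumptions made for the illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional, Iterable

@dataclass(frozen=True)
class Certification:
    """One certification (key signature) on a user ID, in a simplified form."""
    signer: str                  # key ID of the certifying key
    subject: str                 # key ID whose user ID is certified
    created: datetime
    expires: Optional[datetime]  # None means the certification never expires

def key_is_valid(subject: str, certs: Iterable[Certification],
                 trusted_signers: set, at: datetime,
                 honour_expiry: bool = True) -> bool:
    """True if `subject` carries a certification from a fully trusted signer.

    honour_expiry=True  -> an expired certification is ignored (the view that
                           the signer's chosen lifetime bounds the assurance).
    honour_expiry=False -> an expired certification still counts (the view
                           questioned in Hal's message).
    A certification made after `at` never counts under either policy.
    """
    for c in certs:
        if c.subject != subject or c.signer not in trusted_signers:
            continue
        if c.created > at:
            continue
        if honour_expiry and c.expires is not None and at >= c.expires:
            continue
        return True
    return False

# Constructed sample: Alice certifies Bob for one year; Carol certifies Bob
# with no expiration.  Key IDs are placeholders, not real keys.
UTC = timezone.utc
ALICE_ON_BOB = Certification("ALICE", "BOB", datetime(2000, 1, 1, tzinfo=UTC),
                             datetime(2001, 1, 1, tzinfo=UTC))
CAROL_ON_BOB = Certification("CAROL", "BOB", datetime(2000, 3, 1, tzinfo=UTC), None)

def scenario(at: datetime, honour_expiry: bool, trusted: set) -> bool:
    """Evaluate Bob's validity at time `at` under the given policy and trust set."""
    return key_is_valid("BOB", [ALICE_ON_BOB, CAROL_ON_BOB], trusted, at, honour_expiry)
```

With only Alice trusted, Bob's key stops validating once her certification expires under the honour-expiry policy but keeps validating if expiry is ignored; trusting Carol as well keeps Bob valid either way.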