[Top] [All Lists]

Re: How do I do this with OpenPGP?

2002-05-07 15:09:48

On Tue, May 07, 2002 at 04:29:53PM -0500, 
john(_dot_)dlugosz(_at_)kodak(_dot_)com wrote:

From: John Dlugosz

One of the nice things about OpenPGP is that multiple signatories are
possible on a key, each "meaning" something.  Basically, it trent signs a
key, it's OK with me for (purpose A), and the fact that Carl signed it too
for some other purpose is beside the point.

But, I want Trent to be able to certify a key for a certain time period.
Tag 2, type 0x10-0x13 doesn't contain a date.  I suppose there's a more
complicated way to do this, though?  type 0x1F says "...for statements that
non-self certifiers want to make about the key itself" so maybe something
in there?  Or certifing one of the (time range) subkeys instead of the main

I think you are looking for section Signature expiration
time.  Or if the key belongs to Trent's and he wants to make the whole
key go away after a while, then section Key expiration time.


   David Shaw  |  dshaw(_at_)jabberwocky(_dot_)com  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

<Prev in Thread] Current Thread [Next in Thread>