Re: draft-ietf-openpgp-rfc2440bis-06.txt

2002-09-21 14:54:57

On Sat, Sep 21, 2002 at 10:20:53PM +0200, Bodo Moeller wrote:
On Sat, Sep 21, 2002 at 11:20:49AM -0700, Jon Callas wrote:
"Bodo Moeller" 

I am talking about main keys, not subkeys.  Simply don't set an
expiration time for the signing key if you want to be able to continue
to use it indefinitely.

So am I. I'm talking about main keys.

I have a vision where my program might (for example) re-create my
self-signature every day with a 48-hour expiration, and upload it to the

But why would you want to do this?!  This key "expiration" does not
provide any security.  You can just as well submit a key without an
expiration date; instead of ceasing to send updated self-signatures,
you just stop using the key.

And assuming there *is* some point in doing self-signature updates
like this, whatever it may be, you should use signature expiration
time sub-packets, not key expiration sub-packets: it's just the
self-signatures that you want to expire, not the key.  So there is no
conflict with the proposed workaround for the key expiration protocol

Bodo Möller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de>
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
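
The distinction drawn in the message above, between a signature expiration time subpacket and a key expiration time subpacket, shown as an added example that is not part of the original post or of any OpenPGP implementation. It assumes the subpacket type numbers 2, 3 and 9 and the length encoding from RFC 2440; the function names and all sample values are constructed for illustration.

```python
import struct

# Subpacket type numbers from RFC 2440, section 5.2.3.1.
SIG_CREATION, SIG_EXPIRATION, KEY_EXPIRATION = 2, 3, 9

def parse_subpackets(area: bytes) -> dict:
    """Split a signature subpacket area into {type: body}."""
    out, i = {}, 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated length")
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("malformed subpacket")
        out[area[i] & 0x7F] = area[i + 1:i + length]   # drop the critical bit
        i += length
    return out

def expiry_status(area: bytes, key_created: int, now: int) -> dict:
    """Report which of the two expirations has passed at time `now`."""
    sp = parse_subpackets(area)
    u32 = lambda t: struct.unpack(">I", sp[t])[0] if t in sp else None
    sig_created, sig_ttl, key_ttl = u32(SIG_CREATION), u32(SIG_EXPIRATION), u32(KEY_EXPIRATION)
    return {
        # Signature expiration counts from the signature's creation time.
        "signature_expired": bool(sig_ttl) and sig_created is not None
                             and now >= sig_created + sig_ttl,
        # Key expiration counts from the key's creation time; 0 or absent means never.
        "key_expired": bool(key_ttl) and now >= key_created + key_ttl,
    }

def subpacket(sp_type: int, body: bytes) -> bytes:
    """Builder for the constructed samples below (bodies under 191 octets)."""
    return bytes([len(body) + 1, sp_type]) + body

# Constructed sample values, not taken from any real key.
KEY_CREATED, SIG_TIME, TWO_DAYS = 1_000_000_000, 1_032_600_000, 48 * 3600
created = subpacket(SIG_CREATION, struct.pack(">I", SIG_TIME))
SIG_EXPIRING = created + subpacket(SIG_EXPIRATION, struct.pack(">I", TWO_DAYS))
KEY_EXPIRING = created + subpacket(
    KEY_EXPIRATION, struct.pack(">I", SIG_TIME - KEY_CREATED + TWO_DAYS))
```

Three days after `SIG_TIME`, `SIG_EXPIRING` reports only the self-signature as expired, while `KEY_EXPIRING` reports the key itself as expired.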