[Top] [All Lists]

Re: draft-ietf-openpgp-rfc2440bis-06.txt

2002-09-23 06:56:49

Bodo Moeller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de> 

Please point out an advantage of *key* expiration over
*self-signature* expiration in that scenario.

A bad guy gets a copy of my private key..  If there is a key
expiration then they cannot keep it alive indefinitely.  Or is key
compromise not an attack you care about? ;)

       Derek Atkins
       Computer and Internet Security Consultant