On Mon, Sep 23, 2002 at 09:55:19AM -0400, Derek Atkins wrote:
> Bodo Moeller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de>
> writes:

>> Please point out an advantage of *key* expiration over
>> *self-signature* expiration in that scenario.

> A bad guy gets a copy of my private key. If there is a key
> expiration then they cannot keep it alive indefinitely.

Yes he can -- this is exactly the problem [1] that I want to solve
with my suggested change to the specification. The way Jon wants to
use key expiration, the bad guy can keep the key alive indefinitely.
I call this a protocol failure, he calls it a feature.
[1] http://www.imc.org/ietf-openpgp/mail-archive/msg02374.html
--
Bodo Möller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
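The point of the reply above, as an added example that is not part of the original message: in an OpenPGP V4 key the key expiration time is carried in a self-signature, so it is only as trustworthy as the key that signs it. This is a toy model, with HMAC standing in for a real signature, and the "most recent valid self-signature decides" verifier policy and all names and values are assumptions.

```python
import hashlib
import hmac

# Toy model, all values constructed. HMAC under SECRET stands in for an OpenPGP
# signature: whoever knows SECRET can issue self-signatures for the key.
SECRET = b"constructed-private-key-material"
KEY_CREATED = 1_000_000_000  # key creation time, seconds
DAY = 86_400


def _body(sig_created, expires_after):
    return f"{KEY_CREATED}|{sig_created}|{expires_after}".encode()


def self_sign(secret, sig_created, expires_after):
    """Self-signature carrying a key-expiration-time value (seconds after creation)."""
    tag = hmac.new(secret, _body(sig_created, expires_after), hashlib.sha256).hexdigest()
    return {"sig_created": sig_created, "expires_after": expires_after, "tag": tag}


def sig_valid(sig):
    expected = hmac.new(SECRET, _body(sig["sig_created"], sig["expires_after"]),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sig["tag"])


def key_usable(sigs, now):
    """Assumed verifier policy: the most recent valid self-signature decides."""
    valid = [s for s in sigs if sig_valid(s) and s["sig_created"] <= now]
    if not valid:
        return False
    latest = max(valid, key=lambda s: s["sig_created"])
    return now < KEY_CREATED + latest["expires_after"]


def scenario():
    now = KEY_CREATED + 400 * DAY
    owner = self_sign(SECRET, KEY_CREATED, 365 * DAY)
    # Anyone holding a copy of the private key can issue this, not only the owner.
    extended = self_sign(SECRET, KEY_CREATED + 390 * DAY, 3650 * DAY)
    # A party without the key cannot: the signature check fails.
    forged = self_sign(b"some-other-key", KEY_CREATED + 390 * DAY, 3650 * DAY)
    return (key_usable([owner], now),
            key_usable([owner, forged], now),
            key_usable([owner, extended], now))


if __name__ == "__main__":
    print(scenario())
```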