On Mon, Sep 23, 2002 at 03:50:06PM -0400, Michael Young wrote:
Certifications are statements about the ownership of a key, not its
lifetime; it should be legal to make a certification that will outlast
the key's (CURRENT) expiration time.
Legal? Of course; the signer may have out-of-band information that a
long certification validity period is OK. But by default, the current
key expiration time should not be exceeded.
--
Bodo Möller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036