ietf-openpgp

Re: draft-ietf-openpgp-rfc2440bis-06.txt

2002-09-24 08:08:24

On Tue, Sep 24, 2002 at 10:37:06AM -0400, Derek Atkins wrote:

> Before you go putting words in my mouth...

I didn't.  You wrote:


From: Derek Atkins <derek(_at_)ihtfp(_dot_)com>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt

Please point out an advantage of *key* expiration over
*self-signature* expiration in that scenario.

A bad guy gets a copy of my private key.  If there is a key
expiration then they cannot keep it alive indefinitely.  Or is key
compromise not an attack you care about? ;)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

So apparently you think that key expiration should be final while
self-signature expiration is not.  If you have a different
interpretation of what you wrote, I'd like to hear it.


> [...] I agree with Jon that you need to
> separate out the "this key is alive" from "this key is dead".  The
> "Keepalives" are self-signatures with limited lifetimes.

This is exactly what I am saying: use self-signatures with limited
lifetime (subpacket type 3) if you want to be able to keep the key
alive by re-signing later.  And use self-signatures with a key
expiration time (subpacket type 9) only if you want the key to finally
expire by then.

We have these two different subpacket types, so why not use them?!


-- 
Bodo Möller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
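An added example, not part of the message above and not code from any OpenPGP implementation: a small Python model of the two expiration semantics the message distinguishes. Subpacket type 3 (signature expiration time) is counted from the self-signature's creation time, so a key carrying only a type 3 expiry can be kept alive by issuing a fresh self-signature before the old one runs out; subpacket type 9 (key expiration time) is counted from the key's creation time and, under the reading argued for in the message, is treated as final, so a later self-signature cannot push it out. The names `SelfSig`, `Key`, `key_expiry_final` and `is_alive`, the integer-second time values and the constructed scenarios in `__main__` are all assumptions of this example. The "most recent self-signature governs" rule is taken from RFC 2440's general treatment of self-signatures.

```python
"""Model of OpenPGP self-signature expiration (type 3) versus key expiration (type 9).

Constructed example; not code from the thread or from any OpenPGP implementation.
Times are integer seconds; durations follow the RFC 2440 definitions:
  type 3 (signature expiration) counts from the signature creation time,
  type 9 (key expiration)       counts from the key creation time.
"""
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class SelfSig:
    created: int                              # signature creation time (subpacket type 2)
    sig_expires_after: Optional[int] = None   # subpacket type 3: seconds after `created`
    key_expires_after: Optional[int] = None   # subpacket type 9: seconds after key creation

    def sig_expiry(self) -> Optional[int]:
        """Absolute time at which this self-signature itself expires (None = never)."""
        if self.sig_expires_after is None:
            return None
        return self.created + self.sig_expires_after


@dataclass(frozen=True)
class Key:
    created: int                 # key creation time
    selfsigs: Tuple[SelfSig, ...]


def key_expiry_final(key: Key) -> Optional[int]:
    """Key expiration under the 'final' reading: once any self-signature declares a
    type 9 key expiration, that date stands and a later self-signature cannot extend
    it, so the earliest declared expiry wins.  None means no key expiration declared."""
    declared = [key.created + s.key_expires_after
                for s in key.selfsigs if s.key_expires_after is not None]
    return min(declared) if declared else None


def is_alive(key: Key, now: int) -> bool:
    """True if the key is usable at time `now`.

    Final rule (type 9): if a declared key expiration has passed, the key is dead
    no matter what newer self-signatures say.  This is what limits the damage from
    a compromised private key: the holder cannot re-sign the key back to life.

    Keepalive rule (type 3): otherwise the most recent self-signature created at or
    before `now` governs; the key is alive only while that signature is unexpired,
    and issuing a fresh self-signature extends the lifetime.
    """
    final = key_expiry_final(key)
    if final is not None and now >= final:
        return False
    candidates = [s for s in key.selfsigs if s.created <= now]
    if not candidates:
        return False                          # no self-signature yet: not usable
    latest = max(candidates, key=lambda s: s.created)
    expiry = latest.sig_expiry()
    return expiry is None or now < expiry


if __name__ == "__main__":
    # Constructed scenario 1: type 3 only, renewed by a later self-signature.
    keepalive = Key(created=0, selfsigs=(
        SelfSig(created=0, sig_expires_after=100),
        SelfSig(created=120, sig_expires_after=100),   # re-signed before t=220
    ))
    print("type 3, t=150 :", is_alive(keepalive, 150))  # alive: newer self-sig governs
    print("type 3, t=230 :", is_alive(keepalive, 230))  # dead: newest self-sig expired

    # Constructed scenario 2: type 9 declared; a later self-signature cannot revive it.
    final = Key(created=0, selfsigs=(
        SelfSig(created=0, key_expires_after=100),
        SelfSig(created=120, sig_expires_after=100),   # too late: key expired at t=100
    ))
    print("type 9, t=50  :", is_alive(final, 50))      # alive
    print("type 9, t=150 :", is_alive(final, 150))     # dead, despite the new self-sig
```

The two scenarios are the message's point in miniature: a key carrying only a type 3 expiry is a renewable keepalive, which is exactly what someone holding a stolen private key could also renew, while a type 9 expiry read as final gives the key a hard end date that re-signing cannot move.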