On Mon, Mar 17, 2003 at 01:23:37AM -0800, Jon Callas wrote:
[...] Older keys are more likely to have become compromised. [...]
I'll bet that if you look at the most connected V3 keys, you'll find few if
any of them less than a year old. Even less than two years old. An analysis
of "reachability" that does not consider key age at all is flawed, unless
you subscribe to the radical notion that the age of keys doesn't matter.
So as key expiry does not really work, now we are expiring key data
formats instead? :-)
[I haven't seen any replies to my recent proposal
http://www.imc.org/ietf-openpgp/mail-archive/msg04950.html
which should finally solve that issue ...]
--
Bodo Möller <moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036