On Thu, Sep 22, 2005 at 08:47:05PM +0200, Konrad Rosenbaum wrote:
> On Wednesday 21 September 2005 23:26, Hal Finney wrote:
> > This is a good point, I'll have to think about it. I'm still not
> > sure that covering this material with key fingerprints and keyids is
> > the right thing to do. What would the security threats be from being
> > able to bring a key back to life with the same fingerprint and keyid,
> > but without any signatures on it being valid?
>
> It becomes a threat once you get hold of the private key (through some
> accident, a data leak, whatever) because then you can also issue new
> self-signatures.
>
> I see two possibilities to limit the damage:
> a) changing the expiration also changes the fingerprint, so the key no
> longer matches whatever users have in their keyring and would basically be a
> new key.
> b) changing the expiration breaks ALL signatures (not only self-sig) on the
> key. (Actually b must be implemented as well, when a is implemented.)

If I understand what Hal was proposing, then b is already true.
Self-sigs aren't treated any differently than any other certification
signature.

> On the other hand: expiration dates are a very weak measure against key
> abuse (they only limit the damage), un-revocable revocation sigs seem much
> more effective to me.

True, but an unrevocable revocation signature can be stripped off the
key, so it becomes a key distribution problem. Expiration dates are
naturally carried along with the key.
David
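
Added example, not part of the thread or any participant's code: in the V4 format standardized in RFC 4880 the fingerprint hashes only the public-key packet, while the expiration sits in a self-signature subpacket, so whoever holds the private key can reissue the self-signature without changing fingerprint or key ID. `bound_fingerprint` is a hypothetical sketch of what option (a) would change, not the proposal under discussion, and the key material, timestamps and the `reissue` helper are constructed for illustration.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    # OpenPGP MPI: 2-byte bit count, then the big-endian magnitude.
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def v4_key_body(created: int, n: int, e: int) -> bytes:
    # V4 public-key packet body: version 4, creation time, algorithm 1 (RSA), MPIs n and e.
    return struct.pack(">BIB", 4, created, 1) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> bytes:
    # RFC 4880 section 12.2: SHA-1 over 0x99, 2-byte body length, packet body.
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()

def key_id(fpr: bytes) -> bytes:
    # V4 key ID: low-order 64 bits of the fingerprint.
    return fpr[-8:]

def expiry_subpacket(seconds: int) -> bytes:
    # Signature subpacket type 9 (key expiration time, seconds after creation).
    return bytes([5, 9]) + struct.pack(">I", seconds)

def reissue(key: dict, seconds: int) -> dict:
    # What a holder of the private key can do: same key packet, new self-signature
    # contents. (Signing itself is omitted; only the hashed inputs matter here.)
    return {"body": key["body"], "selfsig": expiry_subpacket(seconds)}

def bound_fingerprint(key: dict) -> bytes:
    # HYPOTHETICAL option (a): the expiration is hashed too, so changing it
    # produces a fingerprint that no longer matches existing keyrings.
    body = key["body"]
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body + key["selfsig"]).digest()

# Constructed sample key material (not a real RSA modulus).
N = (1 << 1023) | 0x10001F
YEAR = 365 * 86400
original = {"body": v4_key_body(1127414825, N, 65537), "selfsig": expiry_subpacket(YEAR)}
revived = reissue(original, 10 * YEAR)

if __name__ == "__main__":
    print("V4 fingerprint unchanged:", v4_fingerprint(original["body"]) == v4_fingerprint(revived["body"]))
    print("key ID:", key_id(v4_fingerprint(original["body"])).hex().upper())
    print("bound fingerprint changed:", bound_fingerprint(original) != bound_fingerprint(revived))
```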