Re: [openpgp] rfc3880bis - hard expiration time

On Thu, 2015-04-23 at 15:03 -0400, Phillip Hallam-Baker wrote:

You are not expiring a key. That is impossible in any PKI and almost
certainly undesirable.

What you are doing is expiring an assertion binding between the key to
a set of attributes. Similarly you are not revoking a key, you are
making an irrevocable and permanent assertion that the key is not
valid.

And the important point here to add is, that there is basically no
guarantee, that this irrevocable and permanent assertion of revocation
ever reaches the user.
The contrary, it is likely extremely easy to selectively filter out
revocations for each (receiving) user.

So when e.g. Wener's key for signing gnupg is compromised, he notices
and revokes it, what keeps the ISPs, NSA, cyber criminals & Co. from
blocking the revocation?
Sure, when they'd do it, it *migh* be noticed, sooner or later,... but
when they do it really smart it may be never ever noticed and even if,
it may be too late for many people.

It is quite possible to set a key fingerprint for expiry however. We
simply take a fingerprint of an assertion that includes an expiry
time.

Yep,... plus the same is needed for any other signtaures which are
calculated over the key material + UID data itself.


Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [openpgp] 4880bis: Update S2K, Jon Callas

Next by Date:

Re: [openpgp] rfc3880bis - hard expiration time, Christoph Anton Mitterer

Previous by Thread:

Re: [openpgp] rfc3880bis - hard expiration time, Derek Atkins

Next by Thread:

Re: [openpgp] rfc3880bis - hard expiration time (was: details of 4880bis work), Jon Callas

Indexes:

[Date] [Thread] [Top] [All Lists]