
Re: [openpgp] rfc3880bis - hard expiration time (was: details of 4880bis work)

2015-04-25 16:03:03
On Mon, Apr 20, 2015 at 7:04 PM, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
> On Thu, 16 Apr 2015 02:39, calestyo(_at_)scientia(_dot_)net said:
>
>> That's why I think, that creation and expiration times should be
>> immutable once the key has been created; at least not without
>> invalidating all signatures (i.e. those from other users).
>
> A hard expiration time for a v5 key format was proposed by Florian
> Weimer many years ago.  IIRC, we even had consent that this should be
> done by putting it into a v5 key packet.

I don't see the benefit of a hard expiration time.

More users should be encouraged to use expiration times, because that
would help to limit the problem of losing control of keys through
forgetting a passphrase (probably the most frequent AQ on the gnupg
users list).  It seems to me possible that so few do so because they
do not realize that expiration times can be changed.

Introducing a hard expiration time would introduce complexity because
there would then need to be two kinds -- hard and soft.

What are the use cases for a hard expiration time?

1. Perhaps an organization wishes to be sure that employee keys are
not used beyond a certain date.  If so, the answer already exists:
refuse to renew certifications of the UIDs on that key and make sure
that all certifications have an expiration date.

2. Enforcing key rotation.  But if this is important to individual
users, the answer is simply: set an expiration time on your key and
don't extend it.

3. Preventing an attacker who has gained complete control of a private
key, and who can prevent the dissemination of a revocation
certificate, from extending the life-time of a key, assuming that that
same attacker is not in a position to forge or coerce the creation of
a replacement key.

Scenario 3 is so niche (in fact, are there *any* documented cases of
this?) that I don't see the benefit of adding the complexity necessary
to support this.

Just my $0.02

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
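The structural reason the expiration time discussed in this thread is "soft" while the creation time is "hard", as an added illustration that is not part of the original message, of GnuPG or of any OpenPGP library: in RFC 4880 the creation time sits in the public-key packet and is hashed into the v4 fingerprint, whereas the expiration is a Key Expiration Time subpacket (type 9) inside a self-signature, so a newer self-signature simply replaces it. The certification expiration that use case 1 relies on is the Signature Expiration Time subpacket (type 3). All function names, the toy key material and every timestamp below are constructed sample values, not taken from a real key.

```python
import hashlib
import struct
from typing import Optional

# RFC 4880 signature-subpacket types used below (section 5.2.3)
SIG_CREATION_TIME = 2     # 4-octet time the signature was made
SIG_EXPIRATION_TIME = 3   # 4-octet seconds after signature creation, 0 = never
KEY_EXPIRATION_TIME = 9   # 4-octet seconds after *key* creation, 0 = never


def encode_subpacket(sp_type: int, data: bytes) -> bytes:
    """Encode one subpacket with a one-octet length (RFC 4880 5.2.3.1).
    The length octet counts the type octet plus the data."""
    body = bytes([sp_type]) + data
    if len(body) >= 192:
        raise ValueError("one-octet length form only")
    return bytes([len(body)]) + body


def parse_subpackets(area: bytes) -> dict:
    """Parse a subpacket area into {type: data}; handles all three length forms."""
    out, i = {}, 0
    while i < len(area):
        first = area[i]
        if first < 192:
            length, i = first, i + 1
        elif first < 255:
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        sp_type = area[i] & 0x7F          # high bit is the "critical" flag
        out[sp_type] = bytes(area[i + 1:i + length])
        i += length
    return out


def v4_fingerprint(created: int, algo: int, mpis: bytes) -> str:
    """SHA-1 over 0x99 || 2-octet length || key-packet body (RFC 4880 12.2).
    The creation time is part of the hashed body, which is why it cannot
    change without changing the key's identity."""
    body = bytes([4]) + struct.pack(">I", created) + bytes([algo]) + mpis
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()


def make_self_sig(sig_created: int, key_expiry_seconds: int) -> bytes:
    """Hashed subpacket area of a self-signature carrying a key expiration."""
    return (encode_subpacket(SIG_CREATION_TIME, struct.pack(">I", sig_created))
            + encode_subpacket(KEY_EXPIRATION_TIME, struct.pack(">I", key_expiry_seconds)))


def sig_created(subpacket_area: bytes) -> int:
    return struct.unpack(">I", parse_subpackets(subpacket_area)[SIG_CREATION_TIME])[0]


def key_expiry(key_created: int, self_sigs: list) -> Optional[int]:
    """Expiry governed by the most recent self-signature (assumed policy);
    None means the key never expires."""
    latest = max(self_sigs, key=sig_created)
    raw = parse_subpackets(latest).get(KEY_EXPIRATION_TIME, b"\0\0\0\0")
    secs = struct.unpack(">I", raw)[0]
    return key_created + secs if secs else None


def certification_valid_at(cert_subpackets: bytes, now: int) -> bool:
    """A certification expires SIG_EXPIRATION_TIME seconds after it was made."""
    sp = parse_subpackets(cert_subpackets)
    created = struct.unpack(">I", sp[SIG_CREATION_TIME])[0]
    secs = struct.unpack(">I", sp.get(SIG_EXPIRATION_TIME, b"\0\0\0\0"))[0]
    return created <= now and (secs == 0 or now < created + secs)


# Constructed sample values; the MPI is a toy 8-bit value, not a real RSA modulus
KEY_CREATED = 1_400_000_000
FAKE_MPIS = b"\x00\x08\xC5"
ONE_YEAR = 365 * 24 * 3600


def demo():
    # 1. creation time is "hard": shifting it by one second yields a different fingerprint
    fp_a = v4_fingerprint(KEY_CREATED, 1, FAKE_MPIS)
    fp_b = v4_fingerprint(KEY_CREATED + 1, 1, FAKE_MPIS)
    # 2. expiration is "soft": a later self-signature replaces the earlier value
    sig1 = make_self_sig(KEY_CREATED, ONE_YEAR)
    sig2 = make_self_sig(KEY_CREATED + 300 * 24 * 3600, 2 * ONE_YEAR)
    return fp_a != fp_b, key_expiry(KEY_CREATED, [sig1]), key_expiry(KEY_CREATED, [sig1, sig2])


if __name__ == "__main__":
    print(demo())
```

Running the block prints the fingerprint mismatch flag and the key expiry before and after the second self-signature, which is exactly the "just extend it" behaviour the message describes; a hard expiration would have to move that value into the key packet alongside the creation time.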
