-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/27/2015 04:15 PM, Christoph Anton Mitterer wrote:
On Mon, 2015-04-27 at 14:08 +0200, Dominik Schuermann wrote:
Full ACK. I also don't see the need for hard expiration times.
I don't quite understand why people lobby against a use case,
which wouldn't have an effect on any other use cases if people
choose so.
It's like "I only use signing - so let's remove any encryption
capabilities from OpenPGP" o.O
I am not arguing from a user's perspective, I am arguing from the
perspective of an implementor of the standard. More features, more
complexity. I want to see a use case before we put something in the
standard that everyone MUST implement.
For me soft expiration is a way that prevents the usage of keys
after a certain amount of time
As I've outlaid before, it doesn't really prevent this.
Please read my email again. It does not prevent it when you consider
an attacker, but we are not talking about an attack scenario here. If
you think we are talking about an attack scenario, I like to here what
hard exp can do for us.
Regards
Dominik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iQEcBAEBAgAGBQJVPkZsAAoJEHGMBwEAASKCDsIH/iCpIYAQQVZj5BBjH6QJw34k
owf6qCBLA2vF4LVdCTciBVJqTyN2ySdxlBPadve7S0BbClAjUvGIfqJhE+iD7JCj
zC8Puj/ToSI0O4zV/uYX+C35maP9+L6zcAIbc5JGpjvu7Rcyfy70+b6fnq03UJJD
vrS3eEURj/fHB84tzKY+WqFyAjEhXe9cAZOixZC9Ok58vjiLbID16N3gJdxgX5EM
FwT/f0OyVIO53Yam7BEKlh0LaOCNbcTJPTfJy1WxzMa+/RGHmt22OObMBhMXdb/I
C87gmvMuY6isqB45+sBXEIWaz3X70Be1UwCOp8G1xR/INekHDUj4j/E7A/g2gmw=
=IGfz
-----END PGP SIGNATURE-----
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp