ietf-openpgp

Re: [openpgp] rfc3880bis - hard expiration time

2015-04-27 09:30:49
Hi,

On Mon, April 27, 2015 10:23 am, Dominik Schuermann wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> I am not arguing from a user's perspective, I am arguing from the
> perspective of an implementor of the standard. More features, more
> complexity. I want to see a use case before we put something in the
> standard that everyone MUST implement.

Unless you've removed support for V3 keys from your implementation then
you effectively already have this implemented.

>>> For me soft expiration is a way that prevents the usage of keys
>>> after a certain amount of time
>> As I've outlined before, it doesn't really prevent this.
>
> Please read my email again. It does not prevent it when you consider
> an attacker, but we are not talking about an attack scenario here. If
> you think we are talking about an attack scenario, I'd like to hear what
> hard exp can do for us.

You are correct that the current v4+self-sig-sub-packet does not prevent
an attack where the private key gets compromised.  That's exactly why some
of us want to re-introduce key expiration in the key packet (ala v3).
What it allows is the ability to say "this key cannot be used after date
X".  Even if an attacker gets the private key there is no way for them to
change that.

Of course, if an attacker does obtain the private key they could still
sign stuff as of "date X-1".  But eventually that stops working.

> Regards
> Dominik
> ______________
> openpgp mailing list
> openpgp(_at_)ietf(_dot_)org
> https://www.ietf.org/mailman/listinfo/openpgp

-derek

-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant
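
Added example, not part of the original message and not code from any OpenPGP implementation: a Python sketch of the RFC 4880 key packet layouts the reply contrasts, showing that a V3 key packet carries its validity period inside the octets that certifications hash, while a V4 key packet has no such field and its expiry sits in a self-signature subpacket. The function names and the toy RSA values are assumptions constructed for illustration.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    """OpenPGP MPI: 2-octet bit count, then the big-endian magnitude."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def v3_key_body(created: int, valid_days: int, n: int, e: int) -> bytes:
    # V3: version, creation time, validity in days (0 = never), algorithm 1 (RSA), MPIs
    return struct.pack(">BIHB", 3, created, valid_days, 1) + mpi(n) + mpi(e)

def v4_key_body(created: int, n: int, e: int) -> bytes:
    # V4: version, creation time, algorithm 1 (RSA), MPIs; no validity field
    return struct.pack(">BIB", 4, created, 1) + mpi(n) + mpi(e)

def key_expiration_subpacket(seconds_after_creation: int) -> bytes:
    # Signature subpacket type 9 (Key Expiration Time); lives in the self-signature
    return struct.pack(">BBI", 5, 9, seconds_after_creation)

def packet_expiry(body: bytes):
    """Expiry (Unix time) fixed by the key packet itself, or None if it has none."""
    version, created = struct.unpack_from(">BI", body)
    if version == 3:
        (days,) = struct.unpack_from(">H", body, 5)
        return created + days * 86400 if days else None
    if version == 4:
        return None  # any expiry comes from a self-signature subpacket instead
    raise ValueError(f"unsupported key version {version}")

def hashed_key_octets(body: bytes) -> bytes:
    """What a certification (and the V4 fingerprint) hashes for the key: 0x99, length, body."""
    return b"\x99" + struct.pack(">H", len(body)) + body

def v4_fingerprint(body: bytes) -> str:
    return hashlib.sha1(hashed_key_octets(body)).hexdigest()

if __name__ == "__main__":
    CREATED, N, E = 1_400_000_000, 3233, 17  # constructed toy values, not a real key
    one_year, two_years = v3_key_body(CREATED, 365, N, E), v3_key_body(CREATED, 730, N, E)
    print("v3 packet expiry:", packet_expiry(one_year))
    # Extending the V3 validity changes the octets that existing certifications cover.
    print("v3 certified octets change:", hashed_key_octets(one_year) != hashed_key_octets(two_years))
    v4 = v4_key_body(CREATED, N, E)
    # Either subpacket can be put in a fresh self-signature; the key packet stays the same.
    for secs in (365 * 86400, 730 * 86400):
        print(key_expiration_subpacket(secs).hex(), "->", v4_fingerprint(v4))
```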
