ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] rfc3880bis - hard expiration time

2015-04-27 09:51:09
from [Dominik Schuermann] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 04/27/2015 04:29 PM, Derek Atkins wrote:

Unless you've removed support for V3 keys from your implementation
then you effectively already have this implemented.


We removed support for v3 keys in OpenKeychain.


You are correct that the current v4+self-sig-sub-packet does not
prevent an attack where the private key gets compromised.  That's
exactly why some of us want to re-introduce key expiration in the
key packet (ala v3). What it allows is the ability to say "this key
cannot be used after date X".  Even if an attacker gets the private
key there is no way for them to change that.

Of course, if an attacker does obtain the private key they could
still sign stuff as of "date X-1".  But eventually that stops
working.


2,5 years on average until a key expires, even if you would argue
setting the expiry time to 6 month, it's enough time for an attacker
to misuse the key, I just don't see attack scenario prevented by
having expiration dates.
As outlined before, I see soft expiration dates as a convenience
feature, not something that prevents attacks. Thus, hard expiration
makes no sense in my model.

Some argue that expiration helps invalidating old crypto, I disagree.
Using 512 bit RSA keys should be rejected by the client software, no
need to place expiration dates inside the key. This is actually
something we currently have on our TODO list for OpenKeychain.

Regards
Dominik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iQEbBAEBAgAGBQJVPkzUAAoJEHGMBwEAASKC2L8H+I37tl8RQO6GRzkwnOZEOXhO
LKq4dEIzYzJUtyek0Y7xblNyPtkxFu1poEzA6euoqB8d/5cI0z0Cxl8aP3lKxMmi
6NuWuCqczlWBR3NFTx2Cc1lgyeg376yLltNClcRIXiWGn83cEDDzUFn/bAcnwbpn
5cj5j66mySGTVT5aPC+Wbq9p21d63NhNvVX7j1EPq6fie9NVKmSjr3U+FBE940QW
rx6+x92EDC1VfFwQsufFvdeiiLxIPt7xdl6CM19uAlBMiElilpBUgPF8BWq52/tR
39FwLxXskNP5YQhZDeCcn2Xun3vf+0GwF2HmDPxhq66xjr7uFDy2zNEXbaD0SA==
=XyNX
-----END PGP SIGNATURE-----

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] rfc3880bis - hard expiration time, Derek Atkins
Next by Date:  Re: [openpgp] rfc3880bis - hard expiration time, Christoph Anton Mitterer
Previous by Thread:  Re: [openpgp] rfc3880bis - hard expiration time, Derek Atkins
Next by Thread:  Re: [openpgp] rfc3880bis - hard expiration time, Christoph Anton Mitterer
Indexes:  [Date] [Thread] [Top] [All Lists]