ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Fingerprint requirements for OpenPGP

2016-04-13 11:05:33
from [Werner Koch] [Permanent Link] 
On Wed, 13 Apr 2016 16:30, derek(_at_)ihtfp(_dot_)com said:


I still believe we should use b, with the knowledge that the hard
expiration is optional (could be 0).  This would protect against an
attack where you lose control of your secret material and the attacker
creates a new self-sig with a new expiration time.


Although I do not see a real need for this, I would accept this.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] Fingerprint requirements for OpenPGP, Werner Koch
Next by Date:  Re: [openpgp] Fingerprint requirements for OpenPGP, Vincent Breitmoser
Previous by Thread:  Re: [openpgp] Fingerprint requirements for OpenPGP, Derek Atkins
Next by Thread:  Re: [openpgp] Fingerprint requirements for OpenPGP, Jon Callas
Indexes:  [Date] [Thread] [Top] [All Lists]