ietf-openpgp

[openpgp] Key expiration ambiguity in rfc4880

2022-01-04 08:54:54
FYI I have just opened merge request 113 [1] to clarify an ambiguity in the definition of key expiry times. RFC4880 currently states:

  5.2.3.3.  Notes on Self-Signatures

   ...

   Subpackets that appear in a certification self-signature
   apply to the user name, and subpackets that appear in the subkey
   self-signature apply to the subkey.  Lastly, subpackets on the
   direct-key signature apply to the entire key.

and:

  5.2.3.6.  Key Expiration Time

   (4-octet time field)

   The validity period of the key.  This is the number of seconds after
   the key creation time that the key expires.  If this is not present
   or has a value of zero, the key never expires.  This is found only on
   a self-signature.

Most implementations interpret these paragraphs as meaning that subkey expiration times are calculated relative to the subkey's own creation time. However, it has been discovered [2] that Hockeypuck (uniquely?) uses the primary key creation time to calculate subkey expirations. This has led to odd situations where some subkeys appear to expire earlier than intended - and in some cases before they were created.

This is merely a cosmetic issue in Hockeypuck, as subkey expiration times are only calculated (AIUI) for human-readable display purposes; however it does expose a potential ambiguity in the RFC that IMO should be tidied up. To this end, I propose to insert the following into section 5.2.3.6:

```
For a direct signature, the key creation time is that of the primary key.
For a subkey binding signature, the key creation time is that of the subkey.
```

[1] https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/113
[2] https://github.com/hockeypuck/hockeypuck/issues/140

--
Andrew Gallagher

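The following is an added example, not code from the post or from Hockeypuck, that models the two readings of section 5.2.3.6 side by side: the subkey's own creation time as the base (the interpretation most implementations use and that MR 113 proposes to make explicit) versus the primary key's creation time (the behaviour reported in Hockeypuck). The `Certificate` and `SubkeyBinding` classes and the sample creation dates are hypothetical and constructed for the example; this is not an OpenPGP packet parser.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import List, Optional

# Hypothetical, simplified model of a certificate (constructed for this
# example; a real implementation would read these values from the
# public-key / subkey packets and the Key Expiration Time subpacket).
@dataclass
class SubkeyBinding:
    subkey_creation: datetime        # creation time of the subkey packet
    key_expiration_seconds: int = 0  # 5.2.3.6 subpacket; 0 or absent = never


@dataclass
class Certificate:
    primary_creation: datetime       # creation time of the primary key packet
    subkeys: List[SubkeyBinding] = field(default_factory=list)


def expiry_time(creation: datetime, key_expiration_seconds: int) -> Optional[datetime]:
    """5.2.3.6: expiry is `key_expiration_seconds` after the key creation time;
    a missing or zero value means the key never expires."""
    if key_expiration_seconds <= 0:
        return None
    return creation + timedelta(seconds=key_expiration_seconds)


def subkey_expiry(cert: Certificate, binding: SubkeyBinding,
                  relative_to_primary: bool = False) -> Optional[datetime]:
    """Expiry of a subkey under either reading of the RFC text.

    relative_to_primary=False: base is the subkey's own creation time
                               (the proposed clarification for binding signatures).
    relative_to_primary=True:  base is the primary key's creation time
                               (the reading that produces the odd results described).
    """
    base = cert.primary_creation if relative_to_primary else binding.subkey_creation
    return expiry_time(base, binding.key_expiration_seconds)


def expires_before_creation(cert: Certificate, binding: SubkeyBinding,
                            relative_to_primary: bool) -> bool:
    """True when the computed expiry precedes the subkey's own creation, i.e.
    the subkey would appear to have expired before it existed."""
    expiry = subkey_expiry(cert, binding, relative_to_primary)
    return expiry is not None and expiry < binding.subkey_creation


def is_expired_at(cert: Certificate, binding: SubkeyBinding, at: datetime,
                  relative_to_primary: bool = False) -> bool:
    """Validity check for a subkey at time `at` under the chosen reading."""
    expiry = subkey_expiry(cert, binding, relative_to_primary)
    return expiry is not None and at >= expiry


# Constructed sample: primary key from 2018, a subkey added in mid-2021 with a
# two-year (730-day) Key Expiration Time on its binding signature.
TWO_YEARS = 730 * 86400
SAMPLE_CERT = Certificate(
    primary_creation=datetime(2018, 1, 1, tzinfo=timezone.utc),
    subkeys=[
        SubkeyBinding(datetime(2021, 6, 1, tzinfo=timezone.utc), TWO_YEARS),
        SubkeyBinding(datetime(2021, 6, 1, tzinfo=timezone.utc), 0),  # never expires
    ],
)

if __name__ == "__main__":
    sub = SAMPLE_CERT.subkeys[0]
    for relative_to_primary in (False, True):
        base = "primary" if relative_to_primary else "subkey"
        print(f"base={base:7s} expiry={subkey_expiry(SAMPLE_CERT, sub, relative_to_primary)}"
              f" before_creation={expires_before_creation(SAMPLE_CERT, sub, relative_to_primary)}")
```

With the subkey's creation as the base the sample subkey expires on 2023-06-01; with the primary key's creation as the base it "expires" on 2020-01-01, seventeen months before the subkey was created, which is exactly the display anomaly the post describes.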

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp