Re: draft-ietf-openpgp-rfc2440bis-06.txt

Bodo Moeller <> Tue, 24 September 2002 15:18 UTC

Date: Tue, 24 Sep 2002 17:08:20 +0200
From: Bodo Moeller <>
To: Derek Atkins <>
Cc: Jon Callas <>, OpenPGP <>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt

On Tue, Sep 24, 2002 at 10:37:06AM -0400, Derek Atkins wrote:

> Before you go putting words in my mouth...

I didn't.  You wrote:

From: Derek Atkins <>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt

> Please point out an advantage of *key* expiration over
> *self-signature* expiration in that scenario.

A bad guy gets a copy of my private key.  If there is a key
expiration then they cannot keep it alive indefinitely.  Or is key
compromise not an attack you care about? ;)

So apparently you think that key expiration should be final while
self-signature expiration is not.  If you have a different
interpretation of what you wrote, I'd like to hear it.

> [...]                            I agree with Jon that you need to
> separate out the "this key is alive" from "this key is dead".  The
> "Keepalives" are self-signatures with limited lifetimes.

This is exactly what I am saying: use self-signatures with limited
lifetime (subpacket type 3) if you want to be able to keep the key
alive by re-signing later.  And use self-signatures with a key
expiration time (subpacket type 9) only if you want the key to finally
expire by then.

We have these two different subpacket types, so why not use them?!

Bodo Möller <>
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
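To make the distinction drawn in the message concrete, here is an added example (my own code, not part of the thread or of any OpenPGP implementation). It encodes and parses the two signature subpackets being contrasted, Signature Expiration Time (type 3, seconds after the signature's own creation time in subpacket type 2) and Key Expiration Time (type 9, seconds after the key's creation time), using the subpacket wire format from RFC 2440/4880, and then applies one simple evaluation rule: a self-signature is live while neither window has passed, and a key is usable while at least one of its self-signatures is live. The sample timestamps, the helper names and that evaluation rule are constructed for the example; whether a later self-signature may carry a larger type 9 value is the policy question the thread is arguing about, and the code does not settle it. It only shows the mechanical consequence of the two reference points: re-signing renews a type 3 window, but re-signing with the same type 9 value moves nothing, because type 9 is measured from key creation.

```python
"""Added example: Signature Expiration (type 3) vs. Key Expiration (type 9) subpackets."""
import struct

SIG_CREATION, SIG_EXPIRATION, KEY_EXPIRATION = 2, 3, 9  # RFC 2440/4880 subpacket types
YEAR = 365 * 86400
KEY_CREATED = 1_000_000_000  # constructed sample key creation time (Unix seconds)


def encode_subpacket(stype, body):
    """One-octet length form (total length < 192), enough for 4-octet time bodies."""
    length = len(body) + 1  # the type octet counts toward the length
    if length >= 192:
        raise ValueError("example encoder only emits the one-octet length form")
    return bytes([length, stype]) + body


def parse_subpackets(data):
    """Parse a hashed-subpacket area into {type: body}, handling all three length forms."""
    out, i = {}, 0
    while i < len(data):
        first = data[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            length = ((first - 192) << 8) + data[i + 1] + 192
            i += 2
        else:                                # five-octet length
            length = struct.unpack(">I", data[i + 1:i + 5])[0]
            i += 5
        stype = data[i] & 0x7F               # high bit is the "critical" flag
        out[stype] = data[i + 1:i + length]
        i += length
    return out


def make_selfsig(sig_created, sig_lifetime=None, key_lifetime=None):
    """Build a hashed-subpacket area for a self-signature (constructed, no actual signing)."""
    area = encode_subpacket(SIG_CREATION, struct.pack(">I", sig_created))
    if sig_lifetime is not None:
        area += encode_subpacket(SIG_EXPIRATION, struct.pack(">I", sig_lifetime))
    if key_lifetime is not None:
        area += encode_subpacket(KEY_EXPIRATION, struct.pack(">I", key_lifetime))
    return area


def selfsig_live_at(key_created, area, now):
    """Example rule: live iff created <= now and neither expiration window has passed.
    Type 3 counts from the signature's creation time; type 9 from the key's."""
    sp = parse_subpackets(area)
    created = struct.unpack(">I", sp[SIG_CREATION])[0]
    if now < created:
        return False
    if SIG_EXPIRATION in sp:
        if now >= created + struct.unpack(">I", sp[SIG_EXPIRATION])[0]:
            return False
    if KEY_EXPIRATION in sp:
        if now >= key_created + struct.unpack(">I", sp[KEY_EXPIRATION])[0]:
            return False
    return True


def key_usable_at(key_created, selfsigs, now):
    """A key is usable while at least one of its self-signatures is live."""
    return any(selfsig_live_at(key_created, s, now) for s in selfsigs)


# Keepalive model: one-year signature expiration, renewed by a fresh self-signature.
KEEPALIVE_Y0 = make_selfsig(KEY_CREATED, sig_lifetime=YEAR)
KEEPALIVE_Y1 = make_selfsig(KEY_CREATED + YEAR, sig_lifetime=YEAR)
# Final-expiry model: key expiration two years after key creation.
FINAL_2Y = make_selfsig(KEY_CREATED, key_lifetime=2 * YEAR)
# Re-signing later with the same key-expiration value changes nothing.
FINAL_2Y_RESIGNED = make_selfsig(KEY_CREATED + 5 * YEAR // 2, key_lifetime=2 * YEAR)

if __name__ == "__main__":
    for label, t in (("0.5y", YEAR // 2), ("1.5y", 3 * YEAR // 2), ("2.5y", 5 * YEAR // 2)):
        now = KEY_CREATED + t
        print(label,
              "keepalive-only:", key_usable_at(KEY_CREATED, [KEEPALIVE_Y0], now),
              "keepalive-renewed:", key_usable_at(KEY_CREATED, [KEEPALIVE_Y0, KEEPALIVE_Y1], now),
              "key-expiry:", key_usable_at(KEY_CREATED, [FINAL_2Y, FINAL_2Y_RESIGNED], now))
```

Running it shows the keepalive key lapsing at one year unless a renewal self-signature is added, and the key-expiry key lapsing at two years regardless of how many self-signatures carrying the same type 9 value are issued afterwards.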