Re: draft-ietf-openpgp-rfc2440bis-06.txt
Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de> Mon, 23 September 2002 19:04 UTC
Date: Mon, 23 Sep 2002 20:57:29 +0200
From: Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>
To: Richie Laager <rlaager@wiktel.com>
Cc: 'OpenPGP' <ietf-openpgp@imc.org>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt

On Mon, Sep 23, 2002 at 01:49:14PM -0500, Richie Laager wrote:

>> Did you read my original message from the mailing list archives?
>> There is a simple workaround for the protocol failure, which does
>> not have the problems of your proposal: whenever someone certifies
>> someone else's key, then if this key has an expiration time set,
>> the certification signature should get an expiration time too such
>> that the signature's validity period extends no longer into the
>> future than the key's validity period.

> How does this help? If a "bad guy" gets the private key, he can
> simply resign everyone's key.

If the bad guy gets Alice's private key that has expired, he can renew
Alice's self-signature on the key, but he cannot renew Bob's
certification for Alice's key, which will have expired too according
to my proposal. So no-one will believe it is still Alice's key.

Well, nearly no-one -- I can't speak for Jon :-)

-- 
Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
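
The argument in the message above, as an added example that is not part of the original post or of any OpenPGP implementation: a simplified model of a verifier that accepts a key only while the key and a trusted third-party certification are both unexpired. The class and function names are hypothetical, times are constructed integer days, and real OpenPGP packet parsing and signature verification are left out.

```python
from dataclasses import dataclass, field
from typing import List, Optional

@dataclass
class Certification:
    issuer: str
    expires: Optional[int]  # absolute day; None = never expires

@dataclass
class Key:
    owner: str
    key_expires: Optional[int]  # taken from the newest self-signature
    certs: List[Certification] = field(default_factory=list)

def certify(key, issuer, wanted_expiry=None, cap=True):
    """Add a third-party certification. With cap=True its validity never
    extends beyond the key's own expiry (the workaround in the message)."""
    expiry = wanted_expiry
    if cap and key.key_expires is not None:
        expiry = key.key_expires if expiry is None else min(expiry, key.key_expires)
    key.certs.append(Certification(issuer, expiry))

def renew_self_signature(key, new_expiry):
    """What any holder of the private key can do: extend the key's expiry.
    Certifications stay untouched, because renewing them needs the certifiers' keys."""
    key.key_expires = new_expiry

def is_trusted(key, trusted_issuers, now):
    """Accept only if the key is unexpired and a trusted certification is still valid."""
    if key.key_expires is not None and now >= key.key_expires:
        return False
    return any(c.issuer in trusted_issuers and (c.expires is None or now < c.expires)
               for c in key.certs)

def scenario(cap):
    """Constructed timeline: the key expires on day 100, Bob certifies it,
    and the self-signature is renewed with the leaked private key afterwards."""
    alice = Key("Alice", key_expires=100)
    certify(alice, "Bob", cap=cap)
    before = is_trusted(alice, {"Bob"}, now=50)
    renew_self_signature(alice, new_expiry=1000)
    after = is_trusted(alice, {"Bob"}, now=200)
    return before, after

if __name__ == "__main__":
    print("capped certification:  ", scenario(cap=True))
    print("uncapped certification:", scenario(cap=False))
```
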