Re: Expiration semantics (Re: draft-ietf-openpgp-rfc2440bis-06.txt)

Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de> Tue, 24 September 2002 11:25 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA22795 for <openpgp-archive@lists.ietf.org>; Tue, 24 Sep 2002 07:25:33 -0400 (EDT)
Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g8OBJ1v09624 for ietf-openpgp-bks; Tue, 24 Sep 2002 04:19:01 -0700 (PDT)
Received: from cdc-info.cdc.informatik.tu-darmstadt.de (cdc-info.cdc.informatik.tu-darmstadt.de [130.83.23.100]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g8OBIxv09616 for <ietf-openpgp@imc.org>; Tue, 24 Sep 2002 04:18:59 -0700 (PDT)
Received: from cdc-ws13.cdc.informatik.tu-darmstadt.de (cdc-ws13 [130.83.23.73]) by cdc-info.cdc.informatik.tu-darmstadt.de (Postfix) with ESMTP id A95B42C91; Tue, 24 Sep 2002 13:18:59 +0200 (MET DST)
Received: (from moeller@localhost) by cdc-ws13.cdc.informatik.tu-darmstadt.de (8.10.2+Sun/8.10.2) id g8OBIwa03843; Tue, 24 Sep 2002 13:18:58 +0200 (MEST)
Date: Tue, 24 Sep 2002 13:18:57 +0200
From: Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>
To: Michael Young <mwy-opgp97@the-youngs.org>
Cc: OpenPGP <ietf-openpgp@imc.org>
Subject: Re: Expiration semantics (Re: draft-ietf-openpgp-rfc2440bis-06.txt)
Message-ID: <20020924131857.B3828@cdc.informatik.tu-darmstadt.de>
References: <B9B3FFC0.9722%jon@callas.org><20020923082334.A28473@cdc.informatik.tu-darmstadt.de> <sjm65wwyfnc.fsf@kikki.mit.edu> <00b701c2633a$6c5a37a0$f0c12609@transarc.ibm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.5i
In-Reply-To: <00b701c2633a$6c5a37a0$f0c12609@transarc.ibm.com>; from mwy-opgp97@the-youngs.org on Mon, Sep 23, 2002 at 03:50:06PM -0400
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 8bit

On Mon, Sep 23, 2002 at 03:50:06PM -0400, Michael Young wrote:

> Certifications are statements about the ownership of a key, not its
> lifetime; it should be legal to make a certification that will outlast
> the key's (CURRENT) expiration time.

Legal?  Of course; the signer may have out-of-band information that a
long certification validity period is OK.  But by default, the current
key expiration time should not be exceeded.


-- 
Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>;
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036