Re: draft-ietf-openpgp-rfc2440bis-06.txt

Jon Callas <jon@callas.org> Sat, 21 September 2002 06:35 UTC

Date: Fri, 20 Sep 2002 23:09:23 -0700
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt
From: Jon Callas <jon@callas.org>
To: Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>, OpenPGP <ietf-openpgp@imc.org>
Message-ID: <B9B15B23.962C%jon@callas.org>
In-Reply-To: <20020920154036.A1676@cdc.informatik.tu-darmstadt.de>

On 9/20/02 6:40 AM, "Bodo Moeller" <moeller@cdc.informatik.tu-darmstadt.de>
wrote:

> 
> Here's the yearly reminder on the OpenPGP key expiration protocol failure.
> 
> http://www.imc.org/ietf-openpgp/mail-archive/msg02374.html
> http://www.imc.org/ietf-openpgp/mail-archive/msg02848.html
> http://www.imc.org/ietf-openpgp/mail-archive/msg03693.html
> 

My opinion (still) is that it isn't a bug, it's a feature. I want someday to
make keys that have short-lived self-signatures on them that are regularly
renewed, and don't want to require the entire PKI to regenerate itself every
week, or day, or month. I think it's horribly limiting to require all the
dates to match up, and ruins a lot of interesting possibilities.

    Jon