Re: draft-ietf-openpgp-rfc2440bis-06.txt
Len Sassaman <rabbi@abditum.com> Mon, 23 September 2002 18:58 UTC
Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA20709 for <openpgp-archive@lists.ietf.org>; Mon, 23 Sep 2002 14:58:36 -0400 (EDT)
Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g8NIr5311322 for ietf-openpgp-bks; Mon, 23 Sep 2002 11:53:05 -0700 (PDT)
Received: from thetis.deor.org (thetis.deor.org [207.106.86.210]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g8NIr4v11318 for <ietf-openpgp@imc.org>; Mon, 23 Sep 2002 11:53:04 -0700 (PDT)
Received: by thetis.deor.org (Postfix, from userid 500) id 810B645025; Mon, 23 Sep 2002 11:53:04 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by thetis.deor.org (Postfix) with ESMTP id 6939148024; Mon, 23 Sep 2002 11:53:04 -0700 (PDT)
Date: Mon, 23 Sep 2002 11:53:04 -0700
From: Len Sassaman <rabbi@abditum.com>
X-Sender: <rabbi@thetis.deor.org>
To: Derek Atkins <derek@ihtfp.com>
Cc: Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>, Jon Callas <jon@callas.org>, OpenPGP <ietf-openpgp@imc.org>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt
In-Reply-To: <sjm65wwyfnc.fsf@kikki.mit.edu>
Message-ID: <Pine.LNX.4.30.QNWS.0209231142100.22100-100000@thetis.deor.org>
X-AIM: Elom777
X-icq: 10735603
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
On 23 Sep 2002, Derek Atkins wrote:

> Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de> writes:
>
> > Please point out an advantage of *key* expiration over
> > *self-signature* expiration in that scenario.
>
> A bad guy gets a copy of my private key. If there is a key
> expiration then they cannot keep it alive indefinitely. Or is key
> compromise not an attack you care about? ;)

Actually, in Jon's proposal, the bad guy can. If we do things Bodo's
way, he can't.

Bodo wants to make key expirations permanent and unalterable. This means
that even if a bad guy gets the private key, the key expiration cannot
be changed. With Jon's way, key expirations are not a defense against
key compromise, because they can be extended indefinitely by the holder
of the private key.

The question I see is this: are key expiration dates a "mandate" or a
"suggestion" to third parties by the key owner?

In Mixmaster, we have key expiration dates that are not even tied to the
key by a signature -- they are just denoted in the key header field. The
intention here is to inform the user that the key will be deleted after
the expiration date, and in no way protects against the compromise of
the key. (Deleting the key does that -- the expiration date protects
against unreadable mail by the key holder).

One might argue that expirations in PGP are intended to be interpreted
the same way, and that the user should revoke the key if he is worried
about Bad Guys possessing it. I think this is how it must be interpreted
if we use Jon's system.

--Len.
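The two expiration semantics Len contrasts above, as an added example that is not part of the thread and not code from any OpenPGP implementation. It is a toy model: "signatures" are HMACs over the fingerprint and the expiration fields, the private key is a byte string, and the verifier is assumed to hold the matching verify key in place of a public key. The function names, the 365-day validity period, the day-300 compromise and the day-400 check are all constructed for the illustration. `valid_latest_selfsig` models the reading of Jon's proposal given in the message (the most recent valid self-signature governs, so the holder of the private key can extend the key indefinitely); `valid_fixed_expiration` models the reading of Bodo's proposal given in the message (the expiration in the first self-signature is permanent and later self-signatures cannot alter it). Which of the two the real draft text adopted is not something this example claims.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import List

DAY = 86400


@dataclass(frozen=True)
class SelfSig:
    """Toy self-signature carrying a key expiration (assumption: not the real packet format)."""
    key_fpr: str
    created: int   # unix time at which the self-signature was made
    expires: int   # absolute unix time after which the key is invalid; 0 = never
    mac: bytes     # toy signature: HMAC over (fingerprint, created, expires)


def fingerprint(pub: bytes) -> str:
    # Stand-in for an OpenPGP fingerprint over the public key material (toy).
    return hashlib.sha1(pub).hexdigest()


def _sig_input(fpr: str, created: int, expires: int) -> bytes:
    return f"{fpr}|{created}|{expires}".encode()


def make_self_sig(priv: bytes, pub: bytes, created: int, expires: int) -> SelfSig:
    fpr = fingerprint(pub)
    mac = hmac.new(priv, _sig_input(fpr, created, expires), hashlib.sha256).digest()
    return SelfSig(fpr, created, expires, mac)


def sig_ok(verify_key: bytes, pub: bytes, sig: SelfSig) -> bool:
    # A self-signature over another key, or one made without the private key, is ignored.
    if sig.key_fpr != fingerprint(pub):
        return False
    expected = hmac.new(verify_key, _sig_input(sig.key_fpr, sig.created, sig.expires),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, sig.mac)


def _accepted(verify_key: bytes, pub: bytes, sigs: List[SelfSig], now: int) -> List[SelfSig]:
    return [s for s in sigs if sig_ok(verify_key, pub, s) and s.created <= now]


def valid_latest_selfsig(verify_key: bytes, pub: bytes, sigs: List[SelfSig], now: int) -> bool:
    """Model of 'Jon's way' as described in the message: the newest valid self-signature
    governs, so whoever holds the private key can keep pushing the expiration out."""
    good = _accepted(verify_key, pub, sigs, now)
    if not good:
        return False
    latest = max(good, key=lambda s: s.created)
    return latest.expires == 0 or now < latest.expires


def valid_fixed_expiration(verify_key: bytes, pub: bytes, sigs: List[SelfSig], now: int) -> bool:
    """Model of 'Bodo's way' as described in the message: the expiration in the earliest
    valid self-signature is permanent; later self-signatures cannot change it."""
    good = _accepted(verify_key, pub, sigs, now)
    if not good:
        return False
    first = min(good, key=lambda s: s.created)
    return first.expires == 0 or now < first.expires


def compromise_scenario() -> dict:
    """Constructed scenario: key made at t0 with a one-year expiration; the private key
    leaks on day 300; the attacker issues a never-expiring self-signature; a third party
    checks the key on day 400."""
    t0 = 1_000_000_000
    priv = b"owner-private-key-material"      # constructed toy secret
    pub = b"owner-public-key-material"
    owner_sig = make_self_sig(priv, pub, created=t0, expires=t0 + 365 * DAY)
    attacker_sig = make_self_sig(priv, pub, created=t0 + 300 * DAY, expires=0)
    forged_sig = make_self_sig(b"wrong-key", pub, created=t0 + 300 * DAY, expires=0)
    sigs = [owner_sig, attacker_sig, forged_sig]
    before = t0 + 100 * DAY
    after = t0 + 400 * DAY
    return {
        "latest_rule_before_compromise": valid_latest_selfsig(priv, pub, [owner_sig], before),
        "fixed_rule_before_compromise": valid_fixed_expiration(priv, pub, [owner_sig], before),
        "latest_rule_after_compromise": valid_latest_selfsig(priv, pub, sigs, after),
        "fixed_rule_after_compromise": valid_fixed_expiration(priv, pub, sigs, after),
        "forgery_without_private_key": valid_latest_selfsig(priv, pub, [forged_sig], after),
    }


if __name__ == "__main__":
    for name, result in compromise_scenario().items():
        print(f"{name}: {result}")
```

The scenario makes the trade-off concrete: under the latest-self-signature rule the stolen key stays valid on day 400 because the attacker's own self-signature is the newest one the verifier accepts, while under the fixed-expiration rule the same key is dead on day 400 regardless of what the attacker signs. The third case shows that neither rule helps or hurts an attacker who does not have the private key, which is why the whole question only matters for key compromise, exactly as the message says.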