RE: draft-ietf-openpgp-rfc2440bis-06.txt
"Richie Laager" <rlaager@wiktel.com> Mon, 23 September 2002 18:55 UTC
From: Richie Laager <rlaager@wiktel.com>
To: 'Bodo Moeller' <moeller@cdc.informatik.tu-darmstadt.de>
Cc: 'OpenPGP' <ietf-openpgp@imc.org>
Subject: RE: draft-ietf-openpgp-rfc2440bis-06.txt
Date: Mon, 23 Sep 2002 13:49:14 -0500
Organization: Wikstrom Telecom Internet
Message-ID: <002301c26331$e9ffadb0$20a63992@umcrookston.edu>
In-Reply-To: <20020923200254.A3493@cdc.informatik.tu-darmstadt.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original Message-----
> From: Bodo Moeller [mailto:moeller@cdc.informatik.tu-darmstadt.de]
> Sent: Monday, September 23, 2002 1:03 PM
> To: Richie Laager
> Cc: 'Derek Atkins'; 'Jon Callas'; 'OpenPGP'
> Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt
>
>
> On Mon, Sep 23, 2002 at 12:48:16PM -0500, Richie Laager wrote:
>
> >> Yes he can -- this is exactly the problem [1] that I want to
> >> solve with my suggested change to the specification. The way
> >> Jon wants to use key expiration, the bad guy can keep the key
> >> alive indefinitely. I call this a protocol failure, he calls it a
> >> feature.
>
> > I've been following this thread somewhat, and I have the
> > following suggestion: [...]
>
> Did you read my original message from the mailing list archives?
> There is a simple workaround for the protocol failure, which does
> not have the problems of your proposal: whenever someone certifies
> someone else's key, then if this key has an expiration time set,
> the certification signature should get an expiration time too such
> that the signature's validity period extends no longer into the
> future than the key's validity period.

How does this help? If a "bad guy" gets the private key, he can
simply re-sign everyone's key.

Richie

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4

iQA/AwUBPY9iKm31OrleHxvOEQIFggCfYsFDQBW0Y76iV0j8ydzI/Ct2ZkEAoNCD
4+CEOfmM9vpCRaphkQDdQpFv
=lWxk
-----END PGP SIGNATURE-----
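
The workaround quoted in the message above, sketched as an added example (not code from the message, the draft or any OpenPGP implementation): the certifier caps the signature expiration at the key's expiration, so a later change to the key's own expiration time does not lengthen the life of existing certifications. The class and function names and the "valid only if unexpired and holding a live certification" model are assumptions; expiration values are offsets in seconds from creation time, as in OpenPGP's expiration subpackets.

```python
from dataclasses import dataclass
from typing import Optional

DAY = 86400


@dataclass
class Certification:
    created: int                  # signature creation time (Unix seconds)
    expires_after: Optional[int]  # signature expiration offset; None = never

    def valid_at(self, t: int) -> bool:
        if t < self.created:
            return False
        return self.expires_after is None or t < self.created + self.expires_after


def key_expiry(key_created: int, key_expires_after: Optional[int]) -> Optional[int]:
    """Absolute expiry time of a key, or None if it never expires."""
    return None if key_expires_after is None else key_created + key_expires_after


def certify(key_created, key_expires_after, now, wanted_lifetime=None):
    """Issue a certification whose validity ends no later than the key's."""
    key_end = key_expiry(key_created, key_expires_after)
    if key_end is None:
        return Certification(now, wanted_lifetime)
    if now >= key_end:
        raise ValueError("key already expired; refusing to certify")
    cap = key_end - now  # longest lifetime that stays inside the key's validity
    lifetime = cap if wanted_lifetime is None else min(wanted_lifetime, cap)
    return Certification(now, lifetime)


def usable(key_created, key_expires_after, certs, t):
    """Assumed model: key is unexpired at t AND at least one certification is live."""
    key_end = key_expiry(key_created, key_expires_after)
    key_live = t >= key_created and (key_end is None or t < key_end)
    return key_live and any(c.valid_at(t) for c in certs)


# Constructed scenario: key created at day 0 with a 365-day expiration,
# certified on day 100 by a certifier who would otherwise not set an expiry.
CREATED, ONE_YEAR = 0, 365 * DAY
capped = certify(CREATED, ONE_YEAR, now=100 * DAY)
uncapped = Certification(100 * DAY, None)  # certification without the cap
# Later, a new self-signature moves the key's expiration out to ten years.
EXTENDED = 3650 * DAY
```

With the extended expiration, `usable(CREATED, EXTENDED, [capped], 400 * DAY)` is false while the same call with `[uncapped]` is true: only the uncapped certification outlives the expiration date the certifier originally saw.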