Re: draft-ietf-openpgp-rfc2440bis-06.txt

moeller@cdc.informatik.tu-darmstadt.de (Bodo Moeller) Sat, 21 September 2002 11:28 UTC

Message-Id: <m17siAV-000QdtC@epsilon>
Date: Sat, 21 Sep 2002 13:11:23 +0200 (CEST)
To: ietf-openpgp@imc.org
From: moeller@cdc.informatik.tu-darmstadt.de (Bodo Moeller)
Cc: Jon Callas <jon@callas.org>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt
In-Reply-To: <B9B15B23.962C@jon>
References: <20020920154036.A1676@cdc.informatik.tu-darmstadt.de> <B9B15B23.962C@jon>

Jon Callas <jon@callas.org>:
> "Bodo Moeller" <moeller@cdc.informatik.tu-darmstadt.de>:

>> Here's the yearly reminder on the OpenPGP key expiration protocol failure.
>> 
>> http://www.imc.org/ietf-openpgp/mail-archive/msg02374.html
>> http://www.imc.org/ietf-openpgp/mail-archive/msg02848.html
>> http://www.imc.org/ietf-openpgp/mail-archive/msg03693.html

> My opinion (still) is that it isn't a bug, it's a feature. I want someday to
> make keys that have short-lived self-signatures on them that are regularly
> renewed, [...]

You are talking about subkeys (encryption subkeys, presumably -- in
the case of signature keys, you can simply stop using them without
having announced so in advance).  If you want to regularly renew your
subkeys, then set appropriate expiration times for these subkeys.

I am talking about main keys, not subkeys.  Simply don't set an
expiration time for the signing key if you want to be able to continue
to use it indefinitely.


-- 
Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036