Re: draft-ietf-openpgp-rfc2440bis-06.txt

"Michael Young" <> Tue, 24 September 2002 20:44 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id QAA12099 for <>; Tue, 24 Sep 2002 16:44:29 -0400 (EDT)
Received: (from majordomo@localhost) by (8.11.6/8.11.3) id g8OKbI910141 for ietf-openpgp-bks; Tue, 24 Sep 2002 13:37:18 -0700 (PDT)
Received: from ( []) by (8.11.6/8.11.3) with ESMTP id g8OKb9v10136 for <>; Tue, 24 Sep 2002 13:37:17 -0700 (PDT)
Received: from ( []) by (AIX4.3/UCB 8.7/8.7) with ESMTP id QAA23396 for <>; Tue, 24 Sep 2002 16:23:40 -0400 (EDT)
Received: from mwyoung ( []) by (8.8.0/8.8.0) with SMTP id QAA23312 for <>; Tue, 24 Sep 2002 16:37:01 -0400 (EDT)
Message-ID: <00e401c26409$cff7c500$>
From: "Michael Young" <>
To: "OpenPGP" <>
References: <00c001c263fb$a8d70480$> <>
Subject: Re: draft-ietf-openpgp-rfc2440bis-06.txt
Date: Tue, 24 Sep 2002 16:34:40 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>
Content-Transfer-Encoding: 7bit

Hash: SHA1

From: "David Shaw" <>;
> Whoah - I am not proposing that.  My comments were in the context of
> how a potential v5 key format could work (and as a side note on how
> GnuPG handles a v3 key with a v4 selfsig).  That's all.  As I see it,
> without an expiration date *in the key packet*, there is no true
> "hard" expiration date.  I agree with Jon's analysis.

OK... sorry about that.  I agree that a new key format could address this
if anyone cared enough.  (I don't.  Revocation is good enough... which
leads me to wonder how PGP/GnuPG would treat a post-dated revocation,
but that's another unnecessary digression. :-)

> GnuPG 1.0.6 is fairly old now.

It may be old in a CVS sense.  There's a lot of it out there, though...
it's in the RedHat 7.2AS and 7.3 releases, for example.  It was the
only official Windows build for a *long* time.

My point was not that GnuPG was wrong in any way, simply that some
widely installed versions wouldn't support the hard/soft distinction,
should we choose to make one now.

Version: PGP Personal Privacy 6.5.3