17 Dec 2003, 11:17 p.m.
Hal Finney suggests expiring old keys. The first thing we would need is a way to clear the keyservers of such dead keys.
One way to expire keys is to simply declare that any old PGP key more than two years old is expired.
There is no way to know now when a key was sent to a server, so it is hard to know when to delete it.
You can use the date in the PGP key structure to time out on.
The web of trust model does not lend itself easily to key expirations, because this requires you to frequently get people to re-sign your key, and to re-sign the keys of others. This creates the opportunity for the "here's my new key, and I haven't got it resigned yet" attack.
Everyone should sign their new keys with their old ones.

Eric
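As an added illustration of what "use the date in the PGP key structure" amounts to (this is not part of Eric's post and not code from any PGP implementation), the following reads the creation timestamp out of an OpenPGP public-key packet and applies the two-year cutoff proposed in the thread. It assumes the packet layouts of RFC 4880 (old- and new-format headers, v3 and v4 key packets); the sample packets and the reference "now" are constructed for the example, and the key material in them is a dummy MPI, not a real key.

```python
"""Expire OpenPGP keys by the creation time stored in the key packet itself
(RFC 4880 sections 4.2 and 5.5.2). Added example; sample packets are constructed
here and are not real keys."""
import struct

TWO_YEARS = 2 * 365 * 86400  # the cutoff proposed in the post, in seconds


def parse_packet_header(data: bytes):
    """Return (tag, body_offset, body_length) for the first packet in data.

    Handles old-format headers (1-, 2- or 4-byte lengths) and new-format
    headers (1-, 2- or 5-octet lengths). Indeterminate and partial body
    lengths are rejected rather than guessed at."""
    first = data[0]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if first & 0x40:  # new-format header, tag in the low six bits
        tag = first & 0x3F
        l1 = data[1]
        if l1 < 192:
            return tag, 2, l1
        if l1 < 224:
            return tag, 3, ((l1 - 192) << 8) + data[2] + 192
        if l1 == 255:
            return tag, 6, struct.unpack(">I", data[2:6])[0]
        raise ValueError("partial body length not supported")
    tag = (first >> 2) & 0x0F  # old-format header, tag in bits 5..2
    ltype = first & 0x03
    if ltype == 0:
        return tag, 2, data[1]
    if ltype == 1:
        return tag, 3, struct.unpack(">H", data[1:3])[0]
    if ltype == 2:
        return tag, 5, struct.unpack(">I", data[1:5])[0]
    raise ValueError("indeterminate length not supported")


def key_creation_time(packet: bytes) -> int:
    """Creation time (seconds since the epoch) of a public-key or public-subkey
    packet. v3 and v4 keys both put it in the four bytes after the version."""
    tag, off, length = parse_packet_header(packet)
    if tag not in (6, 14):
        raise ValueError(f"tag {tag} is not a public-key packet")
    body = packet[off:off + length]
    if len(body) < 6:
        raise ValueError("truncated key packet")
    if body[0] not in (3, 4):
        raise ValueError(f"unsupported key packet version {body[0]}")
    return struct.unpack(">I", body[1:5])[0]


def classify_key(packet: bytes, now: int, max_age: int = TWO_YEARS) -> str:
    """'stale' if the key is older than max_age, 'current' otherwise.

    The creation time is self-asserted by whoever made the key, so a value
    in the future is reported as its own case instead of treated as young."""
    created = key_creation_time(packet)
    if created > now:
        return "future-dated"
    return "stale" if now - created > max_age else "current"


def build_public_key_packet(created: int, algo: int = 1,
                            new_format: bool = False) -> bytes:
    """Construct a minimal v4 public-key packet (tag 6) for testing.
    The two MPIs are dummies; this is not usable key material."""
    mpi = bytes([0x00, 0x08, 0xAB])  # 8-bit dummy MPI
    body = bytes([4]) + struct.pack(">I", created) + bytes([algo]) + mpi + mpi
    if new_format:
        header = bytes([0xC0 | 6, len(body)])          # one-octet new-format length
    else:
        header = bytes([0x80 | (6 << 2) | 0x01]) + struct.pack(">H", len(body))
    return header + body


if __name__ == "__main__":
    now = 1071619200  # constructed reference point: 17 Dec 2003 00:00 UTC
    for created in (1000000000, 1040000000, 1100000000):
        print(created, classify_key(build_public_key_packet(created), now))
```

Two caveats a keyserver operator would want: the creation time is whatever the key's creator wrote into the packet, so the rule can be dodged by back- or forward-dating a key; and for v4 keys that field is part of the fingerprint, so a key re-issued with a fresher date is, to the web of trust, a different key that needs new signatures, which is exactly the re-signing cost the post describes.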