I was thinking of two dates, an expire and a warn. Admittedly, adding a few bytes to a key is not a big deal, but neither is the gain from a warn and expire date. If you want to be able to set a bit for 'use after expire,' I would see that as a reasonable thing. Adam Deranged Mutant wrote: | Adam Shostack <adam@lighthouse.homeport.org> wrote: | | DM wrote: | | > | PGP should give a warning when the key passes the expiration date. It | > | should not prevent you from using it, but should remind you that the | > | key is rather old, and that the owner may have moved, etc. | [..] | > Expire should mean expire, i.e., no longer valid, useful or | > useable. If you want to have a 'depreciated after' and an expire | > date, that might be useful, but it seems more like feeping creaturitis | > to me. It adds bulk to every key, when a better solution would be to | > have keys automatically deprecitated some time before they are due to | > expire. | | The reason I think a warning option is good (really, 1 bit bit flag | for warn rather than kill... that's "bulk" to every key?) is so that | if for whatever reason the key is used (say I am unable to get a | newer key for you but really need to send you a private message) I | have something to use... and you, if you choose to hold onto old | keys, can decrypt it. If not, the sender was warned. -- "It is seldom that liberty of any kind is lost all at once." -Hume