Adam Shostack <adam@lighthouse.homeport.org> wrote: I wrote:

| PGP should give a warning when the key passes the expiration date. It | should not prevent you from using it, but should remind you that the | key is rather old, and that the owner may have moved, etc. [..]

Expire should mean expire, i.e., no longer valid, useful or useable. If you want to have a 'depreciated after' and an expire date, that might be useful, but it seems more like feeping creaturitis to me. It adds bulk to every key, when a better solution would be to have keys automatically deprecitated some time before they are due to expire.

The reason I think a warning option is good (really, 1 bit bit flag for warn rather than kill... that's "bulk" to every key?) is so that if for whatever reason the key is used (say I am unable to get a newer key for you but really need to send you a private message) I have something to use... and you, if you choose to hold onto old keys, can decrypt it. If not, the sender was warned.

Also, the ability to extend the life of a key is fraught with danger. The longer a key is around, the more likely it is to become comprimised. The user might not be aware that the key is comprimised. Better to have an unchangeable date. (On a more technical level, allowing users to change the expiry date on a key means that the key's expiry date is not signed by the signatories, and an opponent who comprimised a key could simply change the expiry date on that key and send it to the servers, so that it would continue to be used, and your opponent could continue to read all your communications.)

Adam

-- "It is seldom that liberty of any kind is lost all at once." -Hume

--- "Mutant" Rob <wlkngowl@unix.asb.com> Send a blank message with the subject "send pgp-key" (not in quotes) for a copy of my PGP key.