[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Key Eater Needed

To: [email protected]
Subject: Key Eater Needed
From: [email protected] (Eric Hughes)
Date: Sun, 17 Apr 94 07:54:18 -0700
Cc: [email protected]
In-Reply-To: Mike Ingle's message of Sun, 17 Apr 1994 04:42:46 -0400 (EDT) <[email protected]>
Sender: [email protected]

>Hal Finney suggests expiring old keys. The first thing we would need is a
>way to clear the keyservers of such dead keys. 

One way to expire keys is to simply declare that any old PGP key more
than two years old is expired.

>There is no way to know now when a key was sent to a server, so it is hard
>to know when to delete it. 

You can use the date in the PGP key structure to timeout on.

>The web of trust model does not lend itself easily to key expirations,
>because this requires you to frequently get people to re-sign your key,
>and to re-sign the keys of others. This creates the opportunity for the
>"here's my new key, and I haven't got it resigned yet" attack. 

Everyone should sign their new keys with their old ones.  

Eric

Follow-Ups:
- Re: Key Eater Needed
  - From: Derek Atkins <[email protected]>

References:
- Key Eater Needed
  - From: Mike Ingle <[email protected]>

Prev by Date: RE: Laundering money through commodity futures
Next by Date: If however Dolphin Encrypt was extremely strong ...
Prev by thread: Key Eater Needed
Next by thread: Re: Key Eater Needed
Index(es):
- Date
- Thread