encrypting to expired keys (was Re: Expire-date of subkey problem)

David Shaw dshaw@jabberwocky.com
Fri Aug 22 05:50:02 2003 

--J/dobhs11T7y2rNN
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Aug 21, 2003 at 04:48:43PM -0400, Jason Harris wrote:
> On Wed, Aug 20, 2003 at 05:53:09PM -0400, David Shaw wrote:
>=20
> > I'll admit to a certain curiosity as to why someone would want to do
> > such a thing.  This key is no more.  It has ceased to be.  It's
> > *expired*.
>=20
> > Using it after expiration is against the express wishes of the person
> > who put the key out there in the first place - the key owner.
>=20
> Assuming the keyholder can figure out their software and can easily
> transmit key updates to those who would use the otherwise-expired key,
> then yes.  But, just as one can use a telephone to verify the finger-
> print of a new key, one should also be able to say: "Use my existing key
> for another week, I'm unable to create and transmit a new one right now."
> Why preclude this?

The protocol doesn't preclude this, of course, but then again, the
protocol doesn't preclude nearly anything.

There are many things that could theoretically be overridden by a
smart user who "knows better".  Unrevoke keys, unexpire user IDs or
subkeys, change key flags (turn a sign-only key into an encryption
key, etc) and so on.  In general, I'm somewhat against this sort of
thing unless there is a pretty concrete example of it being needed in
the field.  It's always possible to construct a reason why a
particular validation needs to be overridden ("Oops, I didn't mean to
revoke my key - it's okay, go ahead and use it anyway" or "I don't
have time to sign Joe's key right now, but go ahead and use it as if I
had signed it."), but every override gives additional complexity to
GnuPG and is an additional place where the wrong thing can happen (How
sure are you that you spoke to the right person on the phone?  Are you
sure that the "Joe" key that is being authorized is the same "Joe"
that you have a copy of?)

David

--J/dobhs11T7y2rNN
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc2 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iEYEARECAAYFAj9Fk1EACgkQ4mZch0nhy8n0UgCg3N0pE/id6MA3tOXDIZFyFBZS
ODsAniKSb6tqUSHBdfjglI5xwm7YfKxl
=B3N+
-----END PGP SIGNATURE-----

--J/dobhs11T7y2rNN--