13 Jun 2000 10:50:08 +0200
"L. Sassaman" <firstname.lastname@example.org> writes:
> > > The longer the lifetime of a key, the more likely the key is to be
> > > compromised. If you chose to retire a key, be sure to link your new key
> > > with the old by signing it with the old before the old key expires.
> > Does this mean an expired key can still be used for computing trust?
> Yes. Read RFC 2440 if you're really interested.
Do you have a quote? I'm quite sure this issue is *not* covered by
Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898