Key lifetime

L. Sassaman rabbi@quickie.net
Thu, 15 Jun 2000 11:39:29 -0700 (PDT)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 15 Jun 2000, Florian Weimer wrote:


> No, it isn't. The concept of key validity is beyond the scope of the
> RFC. For example, an implementation of RFC 2440 is free to consider
> all keys valid whose primary user ID happens to start with the letter
> 'A'. (I would be very glad if someone proved me wrong, it would make
> life easier for us. ;-)

In RFC2440bis2, look at "5.2.3.23. Reason for Revocation", "5.2.3.13.
Trust signature", "5.2.1. Signature Types", etc.

RFC 2440bis2 is fuzzy in its handling of key validity, but it is
definitely there. And you are correct... there are no MUSTs covering key
validity, so an implementation is free to handle it as it pleases. But
there are definitely hints as to how validity should be done.

This is also probably out of the scope of this list. We can take this off
the list, or over to the OpenPGP mailing list, if you like.

__

L. Sassaman

System Administrator                |  "If you chose not to decide,
Technology Consultant               |   you still have made a choice"
icq.. 10735603                      |
pgp.. finger://ns.quickie.net/rabbi |         --Rush

-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE5SSLoPYrxsgmsCmoRAuPqAJ93GldcYO82284/t1zQMVnFhqpWQQCfRNW6
tP4Gx+PThO4o6dymOEo5Zu8=
=521J
-----END PGP SIGNATURE-----