Extending the key expiration date

[Florian Weimer]

"Janusz A. Urbanowicz" <alex@bofh.torun.pl> writes:

> > If an attacker obtains your secret key, he can arbitrarily increase
> > the lifetime of the key, thus increasing its value.
> 
> It is no more flaw that the one lately announced about not-signing
> date, originator and recipients of the message.

But it's clearly a regression!  The V3 key format does not show this
kind of problem.

> By definition if an attacker have your secret key, he can do
> anything. You may call it a flaw in whole pulic key cryptography
> concept.

This is certainly wrong.  For example, the attacker cannot override
already distributed revocation certificates.  Reliable expiration of
keys is required to be able to cut down the length of certification
revocation lists for most applications.  Otherwise, large-scale CAs
might become unusable after a few years of operation.

-- 
Florian Weimer 	                  Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898