Extending the key expiration date
Thu Sep 6 17:34:01 2001
Florian Weimer wrote:
> "Janusz A. Urbanowicz" <firstname.lastname@example.org> writes:
> > If a personal key is not compromised after expiry period, it should
> > be perfectly legal to reset the expiry date for a next period. This
> > saves a lot of hassle with key distribution, establishing trust etc.
> But this approach is completely broken from a security point of view.
Can you elaborate?
> Key expiration is usually used to impose a hard limit on the lifetime
> of a key. As a result, the key is not as valuable as one with an
> unlimited lifetime.
I repeat myself - this is what CRLs and revocations are for. If a key has to
have an imposed hard limit, you generate a key with a revocation and release the
revocation after the time limit is up.
> I don't see how your approach differs from not setting a key
> expiration time at all.
If a key has no limit, it will be valid forever, until the revocation is
released. If a key expired and had its expiration date reset to a new time limit,
it means that its owner believes it not to be compromised and prolongs its
use for the next validity period. If a key has an expiration time and was not
renewed, it means that nobody cared to renew it or revoke it, and it should not
be used.
Your method of generating new keys again and again has two deficiencies - it is
prone to man-in-the-middle attack, and it pollutes the keyrings.
Janusz A. Urbanowicz | ALEX3-RIPE | SF-Framling | Thawte Web Of Trust Notary
When I give bread to the poor, they call me a saint. When I ask
why the poor have no bread, they call me a communist. - abp. Helder Camara
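As an added illustration (not part of the thread, and not anyone's real key data), here is a small Python model of the rule the two posters are arguing about: in OpenPGP the expiration time is carried in the key's self-signature, so "extending" it means issuing a newer self-signature, while a revocation overrides any self-signature. The three sample keys and all dates are constructed to match the cases discussed above (a renewed key, a key nobody renewed, and an unlimited key that is later revoked).

```python
# Added example: minimal model of how an implementation decides whether a
# key is usable at a given moment. Expiration lives in the self-signature,
# so extending the date = newer self-signature; revocation overrides all.
# Keys and dates below are constructed sample data, not from the thread.
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional


@dataclass
class SelfSig:
    signed_at: datetime
    expires_at: Optional[datetime]  # None means "no expiration"


@dataclass
class Key:
    key_id: str
    self_sigs: List[SelfSig]
    revoked_at: Optional[datetime] = None


def key_status(key: Key, at: datetime) -> str:
    """Return 'revoked', 'valid', 'expired' or 'unusable' for key at time at."""
    if key.revoked_at is not None and key.revoked_at <= at:
        return "revoked"  # a released revocation beats any expiration date
    # Only self-signatures that already exist at `at` count; the newest wins,
    # which is exactly what lets the owner prolong the key for another period.
    known = [s for s in key.self_sigs if s.signed_at <= at]
    if not known:
        return "unusable"  # no binding self-signature yet
    newest = max(known, key=lambda s: s.signed_at)
    if newest.expires_at is None or at < newest.expires_at:
        return "valid"
    return "expired"  # expired and nobody renewed or revoked it


T0 = datetime(2001, 9, 6, tzinfo=timezone.utc)  # constructed reference date
YEAR = timedelta(days=365)


def at_day(n: int) -> datetime:
    """Helper: the instant n days after T0."""
    return T0 + timedelta(days=n)


# Three constructed keys matching the cases argued over in the thread.
RENEWED = Key("RENEWED", [SelfSig(T0, T0 + YEAR),                  # one-year limit
                          SelfSig(at_day(360), T0 + 2 * YEAR)])    # renewed in time
LAPSED = Key("LAPSED", [SelfSig(T0, T0 + YEAR)])                   # nobody renewed it
UNLIMITED = Key("UNLIMITED", [SelfSig(T0, None)], revoked_at=at_day(500))


def statuses(at: datetime) -> Dict[str, str]:
    """Status of each sample key at the given instant."""
    return {k.key_id: key_status(k, at) for k in (RENEWED, LAPSED, UNLIMITED)}
```

Evaluating `statuses` at a few instants shows the unlimited key staying valid until its revocation is released, the renewed key surviving past its first expiry only because a newer self-signature exists, and the lapsed key dying on its own.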