Extending the key expiration date

Werner Koch wk@gnupg.org
Fri Sep 7 10:48:01 2001

On Thu, 06 Sep 2001 23:20:56 +0200, Florian Weimer said:

> Not quite, CRLs are signed by the CA, and you can be sure that you
> have the most recent one, and that it contains all relevant
> revocations.
But only those the CA knows about - so this is not different to keyservers. The whole discussion on this topic is based on different assumptions, you are more thinking in terms of a hierarchical CAs, whereas most PGP users assume a decentralized network. -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus