PGP and signing subkeys

David Shaw
Tue Dec 3 04:44:02 2002

On Mon, Dec 02, 2002 at 07:35:33PM -0800, Len Sassaman wrote:
> On Mon, 2 Dec 2002, David Shaw wrote:
> > I wouldn't call that a particularly great feature...  If a user sets
> > an expiration date, and that date has passed, the UI should note that
> > fact.  That signature is not "good" any longer.
> Well, I discovered this bug very late in the release cycle. In the beta 2
> of PGP 8, PGP reports a "bad" signature from whatever the primary key in
> the user's keyring happens to be (rather than the actual signing key). I
> think this is much better behavior.

Sure, but that seems to be an actual bug, rather than an "I wish".

The behavior is legal according to the spec, so I agree it's difficult
to argue adding a feature.  Especially difficult since PGP 8 does
correctly reject an unhandled critical signature subpacket, so there
is no real-world issue here.

If someone really cares about their expiration dates, they should mark
them as critical.  If they're not critical, then an implementation
should be free to ignore them (heck, GnuPG <= 1.0.6 did just that).


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson