Robot CA at

David Shaw
Thu Dec 5 17:13:01 2002

On Thu, Dec 05, 2002 at 02:09:58PM +0100, Michael Nahrath wrote:

> Verifying nothing but mail adresses can be valid for a limited time.
> Mail addresses cange more often than real-life-identities.
> Your signature should reflect this in some way.
> Either you give signatures that expire after a certain time (eg 6 months).
> I don't know if this is possible and if it doesn't raise a bunch of
> compatibility problems.
> Or you let the signing key expire (eg after 1 year).

Better to expire the signatures themselves.  If you expire your
signing key, then everyone will have to get their key re-signed.

> Important:
> IMHO one encrypted communication path is mandatory. That would verify that
> the holder of the mail address is also in posess of the secret key and the
> passphrase.

Yes, but it doesn't have to be encrypted.  Signatures are made on the
primary key, which is (99.9% of the time) a key that can sign.  You
can do the same thing by sending a challenge and asking for it to be
signed.  This is what I did with

Note also that OpenPGP defines multiple signature verification
levels.  I've argued in the past, and continue to argue now that any
automated signer should use 0x11 "persona" signatures as a hint that
this is an unusual signature.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson