Robot CA at toehold.com
Fri Dec 6 10:53:02 2002
At 11:13 2002-12-05 -0500, you wrote:
>On Thu, Dec 05, 2002 at 02:09:58PM +0100, Michael Nahrath wrote:
>> Verifying nothing but mail adresses can be valid for a limited time.
>> Mail addresses cange more often than real-life-identities.
>> Your signature should reflect this in some way.
>> Either you give signatures that expire after a certain time (eg 6 months).
>> I don't know if this is possible and if it doesn't raise a bunch of
>> compatibility problems.
>> Or you let the signing key expire (eg after 1 year).
>Better to expire the signatures themselves. If you expire your
>signing key, then everyone will have to get their key re-signed.
I agree. Otherwise the CA-service would be useless.
>> IMHO one encrypted communication path is mandatory. That would verify that
>> the holder of the mail address is also in posess of the secret key and the
>Yes, but it doesn't have to be encrypted. Signatures are made on the
>primary key, which is (99.9% of the time) a key that can sign. You
>can do the same thing by sending a challenge and asking for it to be
>signed. This is what I did with keysigners.org.
Agree! It is important to have the ability to sign signingkeys. Otherwise
the service would be useless in an automated environment (invisible GUI).
>Note also that OpenPGP defines multiple signature verification
>levels. I've argued in the past, and continue to argue now that any
>automated signer should use 0x11 "persona" signatures as a hint that
>this is an unusual signature.
0x11 means "I have not checked at all"? Then its the best choice.