AW: Robot CA at toehold.com
Kyle Hasselbacher
kyle@toehold.com
Fri Dec 6 18:00:03 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, Dec 06, 2002 at 10:37:28AM -0600, Kyle Hasselbacher wrote:
>[periodic challenges]
>>Of course, requirements here are
>> - a db of the uids that have been signed.
>> - publication of the key with revoked signatures.
>
>If I keep a list of UIDs that I've signed, I'd have to check the key
>servers to see which actually have my signature before I start challenging
>them. Just a detail.
On second thought, I'd rather expire signatures and make people get new
ones. If your service goes away and stops challenging the users, then the
signatures hang around forever. I'd rather they all expire forever.
- --
Kyle Hasselbacher
kyle@toehold.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE98Nf410sofiqUxIQRAj/WAJ9R9mthwktVXq3HaszS8xlFfTM8hQCgmWvI
AvZOM8oO3HOyyjQYhie4al4=
=2Hfl
-----END PGP SIGNATURE-----