Robot CA -- thanks for the suggestions.

Kyle Hasselbacher
Sun Dec 8 07:49:01 2002

Hash: SHA1

I won't make a habit of announcing changes here, since I don't think it's
the place for it, but all the changes I made tonight are a result of
suggestions made on this mailing list.  I thought folks might be
interested.  The web page reflects these changes already:

- - The robot's responses are encrypted with the key it's signing.
- - The robot's signatures are "persona" signatures.
- - The robot's signatures include a policy URL.
- - The robot's signatures expire after three months.
- - It's under RCS, so you have revision numbers.
- - I signed the code, so you can verify it when you get it.
- - There's an option in the code (that I'm not using) to ignore a UID if it
  contains more than just an email address (so the robot doesn't appear to
  verify anything it isn't verifying).

I didn't really get to test that last one much.  When I make a key with
GnuPG, it wants my real name to be at least five characters.  I didn't
spend much time looking for a way to generate an email-only UID.

I'm thinking about revoking the current robot key (that doesn't expire) and
creating a new one that expires in a few years.

Thank you all for the suggestions.  I've gotten a lot out of the discussion
- -- 
Kyle Hasselbacher | We need free speech in this country  | so we can identify the jerks out there. -- Ted Nugent
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see