Set date for signature to expire

Anonymous unknown_kev_cat at
Mon Jun 6 18:20:33 CEST 2005

> Your are mixing up two things: The statement that you checked the
> owneership of the key at a certain date and how far you trust the
> owner of the key to implement decent keymanagment abilities.
I know that the OpenPGP group has taken great pains to not define trust. It 
leaves trust to be defined by the user and/or the application.
That said a signature on a key  can be one of two things, depending on 
#1. A satement that you have checked the ownership of the key at the 
indicated time.
#2. A statement that you trust that the UID accurately reflects the true 
ownership of the key.

Both have the same meaning as far as ownership checks, as i would not trust 
that the UID reflects the true ownership of the key well enough to sign it 
unless i have verified identity. However the second one does have a 
reasonable reason for signature expiration.
Both are reasonable, and I suspect that many people take the second view, 
even if the first view is the official one.

> Salam-Shalom,
>   Werner 

More information about the Gnupg-users mailing list