Set date for signature to expire

Per Tunedal Casual pt at
Wed Jun 8 02:09:59 CEST 2005

Hash: SHA1

At 15:40 2005-06-07, you wrote:
 >On Mon, 6 Jun 2005 12:20:33 -0400, Anonymous  said:
 >> #2. A statement that you trust that the UID accurately reflects the
 >> true ownership of the key.
 >I just wonder how to decide how long this ownership is valid.  A year,
 >a month, a day, a minute or even already void in the past?  The owner
 >usually can't and you can't for sure give any reasonable estimation.
 >   Werner
True, but it might be convenient anyhow. The shorter the time, the safer
the guess!

One way is to assume that the key is attacked immediately and that all the
security is in the passphrase. Make an estimation of the strength of the
passphrase and you are done!

Issuers of X509 certificates use 1 year for soft certificates and 5 years
for card certificates. I don't know their calculations behind that decision.

Per Tunedal

Version: GnuPG v1.4.1 (MingW32) - GPGrelay v0.959
Comment: Vad är en PGP-signatur?


More information about the Gnupg-users mailing list