Expiring UID

Nicholas Cole npcole at yahoo.co.uk
Sat Nov 5 18:28:43 CET 2005

--- David Shaw <dsdshawajabberwockyom> wrote:

> On Fri, Nov 04, 2005 at 04:59:01PM +0000, Nicholas
> Cole wrote:
> > Am I right that there is no easy way to create an
> > expiring UIUIDas opposed to an expiring key).
> > 
> > --ask-cert-expire seems to be ignored when using
> > adadduidn the edit menu.
> > 
> > Is there a good reason for this?    
> Honestly, no good reason.  There are a few iffy
> reasons in nobody ever
> asked for this feature before, and that it would be
> of doubtful
> compatibility outside of GnGnuPG

It's not that I see a desperate need for the feature,
it just seemed an interesting omission, and I wondered
what the reason was.

I'm surprised that compatibility is a problem - I
assumed it would be done by having the self-signature
on a UIUIDe created with an expiration date, which
surely all OpOpenPGPrograms would notice.

The situation I thought it would be useful for is if a
UIUIDs associated with a job/position that will only
last a fixed period of time - especially if access to
the account might change after that point.

Including it would probably require numerous changes,
such as asking a 3rd-party signer if a signature
should expire at the same time as the self-sisig..

As I say, probably little/no need.  Just an
interesting quirk.



Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com

More information about the Gnupg-users mailing list