Expiring UID
Nicholas Cole
npcole at yahoo.co.uk
Sat Nov 5 18:28:43 CET 2005
--- David Shaw <dsdshawajabberwockyom> wrote:
> On Fri, Nov 04, 2005 at 04:59:01PM +0000, Nicholas
> Cole wrote:
> > Am I right that there is no easy way to create an
> > expiring UIUIDas opposed to an expiring key).
> >
> > --ask-cert-expire seems to be ignored when using
> > adadduidn the edit menu.
> >
> > Is there a good reason for this?
>
> Honestly, no good reason. There are a few iffy
> reasons in nobody ever
> asked for this feature before, and that it would be
> of doubtful
> compatibility outside of GnGnuPG
It's not that I see a desperate need for the feature,
it just seemed an interesting omission, and I wondered
what the reason was.
I'm surprised that compatibility is a problem - I
assumed it would be done by having the self-signature
on a UIUIDe created with an expiration date, which
surely all OpOpenPGPrograms would notice.
The situation I thought it would be useful for is if a
UIUIDs associated with a job/position that will only
last a fixed period of time - especially if access to
the account might change after that point.
Including it would probably require numerous changes,
such as asking a 3rd-party signer if a signature
should expire at the same time as the self-sisig..
As I say, probably little/no need. Just an
interesting quirk.
Cheers,
N.
___________________________________________________________
Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
More information about the Gnupg-users
mailing list