Expiring UID

Christoph Anton Mitterer cam at mathematica.scientia.net
Sun Nov 13 02:53:22 CET 2005


Ok,.. my answer to this is a little bit late but here it is ... ;-)

>It's not that I see a desperate need for the feature,
>it just seemed an interesting omission, and I wondered
>what the reason was.
>
>I'm surprised that compatibility is a problem - I
>assumed it would be done by having the self-signature
>on a UID be created with an expiration date, which
>surely all OpenPGP programs would notice.
>
>The situation I thought it would be useful for is if a
>UID is associated with a job/position that will only
>last a fixed period of time - especially if access to
>the account might change after that point.
>
>Including it would probably require numerous changes,
>such as asking a 3rd-party signer if a signature
>should expire at the same time as the self-sig.
>
>As I say, probably little/no need.  Just an
>interesting quirk.
>  
>
Ok,.. you're right that there is probably not much need for this feature.
First of all in most cases you wouldn't know the exact date when a UID
will become invalid (e.g. you cannot predict when you'll lose your job 
or so ;-) ).

The only similar thing is the following: You have some role X for a
limited time (which is known in advance) e.g. President of Germany (5
year term, maximum of two terms). So you could add a UID "President of
the Federal Republic of Germany <mail at bundespraesident.de>" or so. But 
even in such a case,.. it would be better to create a key that signs the 
key of somebody who is in role X for a limited time.

I'm going to (with support of some professors) introduce such a system
at my university. There will be a key which signs the keys of enrolled
students (but the signature is valid only for one term and has to be
renewed at the end) thus certifying that someone is an enrolled student of
the university.

However, I think,.... if the standard supports expiring UIDs they should 
be supported by gnupg :)

Just my 2 cents....

Best wishes,
Chris.
More information about the Gnupg-users mailing list