Expiring UID
Christoph Anton Mitterer
cam at mathematica.scientia.net
Sun Nov 13 02:53:22 CET 2005
Ok,.. my answer to this is a little bit late but here it is ... ;-)
>It's not that I see a desperate need for the feature,
>it just seemed an interesting omission, and I wondered
>what the reason was.
>
>I'm surprised that compatibility is a problem - I
>assumed it would be done by having the self-signature
>on a UIUIDe created with an expiration date, which
>surely all OpOpenPGPrograms would notice.
>
>The situation I thought it would be useful for is if a
>UIUIDs associated with a job/position that will only
>last a fixed period of time - especially if access to
>the account might change after that point.
>
>Including it would probably require numerous changes,
>such as asking a 3rd-party signer if a signature
>should expire at the same time as the self-sisig..
>
>As I say, probably little/no need. Just an
>interesting quirk.
>
>
Ok,.. you're right that there is probably not much need for this feature.
First of all in most cases you wouldn't know the exact date when an UID
will become invalid (e.g. you cannot predict when you'll lose your job
or so ;-) ).
The only similar thing is the following: You have some role X for an
limited time (which is known in advance) e.g. President of Germany (5
year term, maximum of two terms). So you could add an UID "President of
the Federal Republic of Germany <mail at bundespraesident.de>" or so. But
even in such a case,.. it would be better to create a key that signs the
key of somebody who is in role X for a limited time.
I'm going too (with support of some professors) introduce such a system
on my university. There will be a key which signs the keys of enrolled
sutdents (but the signature is valid only for one term and had to be
renewed at the end) thus certifing that someone is enrolled student of
the university.
However, I think,.... if the standard supports expiring UIDs they should
be supported by gnupg :)
Just my 2 cents....
Best wishes,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051113/b1e38142/cam.vcf
More information about the Gnupg-users
mailing list