Renewing expiring key - done correctly?

Ingo Klöcker kloecker at
Thu Dec 5 21:14:08 CET 2013

On Thursday 05 December 2013 19:47:57 Hauke Laging wrote:
> On Thu 05.12.2013, 19:30:07 Ingo Klöcker wrote:
> > your assertion is correct.
> > 
> > 
> > In the first scenario
> > 
> > > > a) the key has been compromised and revoked and you don't know
> > > > that
> > > > (because your last certificate update was before the revocation
> > > > publishing)
> > 
> > it is incorrect because the attacker cannot extend the validity of
> > the revoked key.
> You misunderstand the attack.

No. I don't. :-) The attack involving control over the system time came 
up later in the thread.

For every countermeasure there is an attack that circumvents this 
countermeasure, bribery and torture probably being the most effective 
attacks. But this doesn't mean that your argument for using key 
expiration, i.e. to "force" the users of the key to update the key 
regularly, is wrong. It just means that your argument doesn't work if 
your adversary can control your system clock. OTOH, your argument works 
if the key has been compromised by an adversary like you and me, e.g. by 
a colleague of the key owner (who does not happen to work for a three 
letter organization).
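The argument above, as an added illustration that is not part of the thread and not GnuPG's own code: a small model of a verifier whose only trigger for refreshing a certificate from the keyserver is that its local copy looks expired according to the clock it trusts. The key ID, the day-by-day timeline, the refresh policy and the keyserver merge rule (a published revocation is never dropped, so the attacker's renewed self-signature cannot un-revoke the key) are constructed assumptions for the example.

```python
"""Model of the thread's argument: a key's expiration forces a verifier to
refresh it, and the refresh reveals a revocation the verifier has not yet
seen. If the adversary controls the verifier's clock, the key never looks
expired, so the refresh never happens.

Added example with a constructed key store and constructed timestamps; it
models certificate metadata only, not GnuPG's keyring or signature code.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

DAY = 86400
T0 = 1_356_998_400  # constructed key creation time, 2013-01-01T00:00:00Z


@dataclass(frozen=True)
class Certificate:
    """Public certificate as a verifier stores it (self-signature metadata)."""
    key_id: str
    expires_at: int       # expiry carried by the most recent self-signature
    revoked: bool = False


class KeyServer:
    """Public copy of the certificate. Updates are merged the way OpenPGP
    keyservers merge packets: a revocation, once published, is never dropped
    (assumption for this model), so a later self-signature extending the
    expiry does not make a revoked key valid again."""

    def __init__(self, cert: Certificate) -> None:
        self._certs: Dict[str, Certificate] = {cert.key_id: cert}

    def publish(self, cert: Certificate) -> None:
        old = self._certs[cert.key_id]
        self._certs[cert.key_id] = Certificate(
            cert.key_id, cert.expires_at, old.revoked or cert.revoked)

    def fetch(self, key_id: str) -> Certificate:
        return self._certs[key_id]


class Verifier:
    """Local keyring plus the clock the verifier trusts (which may lie)."""

    def __init__(self, server: KeyServer, clock: Callable[[], int]) -> None:
        self.server = server
        self.clock = clock
        self.keyring: Dict[str, Certificate] = {}

    def refresh(self, key_id: str) -> None:
        self.keyring[key_id] = self.server.fetch(key_id)

    def key_usable(self, key_id: str) -> Tuple[bool, str]:
        """Decide whether the local copy of key_id may verify a signature now.
        Contacting the keyserver happens only when the key looks expired."""
        cert = self.keyring[key_id]
        if cert.revoked:
            return False, "revoked"
        if self.clock() < cert.expires_at:
            return True, "valid"
        # Expired according to our clock: refresh, then re-check.
        self.refresh(key_id)
        cert = self.keyring[key_id]
        if cert.revoked:
            return False, "revoked (learned on refresh)"
        if self.clock() >= cert.expires_at:
            return False, "expired"
        return True, "valid (renewed self-signature)"


def outcome(real_day: int, clock_day: int,
            owner_revokes: bool = True) -> Tuple[bool, str]:
    """Constructed timeline, days counted from key creation:
    day 0    key created, expires on day 365
    day 10   verifier fetches the certificate
    day 100  key compromised; the owner revokes it (if owner_revokes) and the
             attacker publishes a self-signature extending expiry to day 730
    real_day is the true date; clock_day is what the verifier's clock says."""
    key_id = "A1B2C3D4"  # constructed key ID
    server = KeyServer(Certificate(key_id, T0 + 365 * DAY))
    verifier = Verifier(server, lambda: T0 + clock_day * DAY)
    verifier.refresh(key_id)                                  # day 10 fetch
    if real_day >= 100:
        if owner_revokes:
            server.publish(Certificate(key_id, T0 + 365 * DAY, revoked=True))
        server.publish(Certificate(key_id, T0 + 730 * DAY))  # attacker's renewal
    return verifier.key_usable(key_id)


if __name__ == "__main__":
    print("honest clock, day 400:      ", outcome(400, 400))
    print("stale copy, day 200:        ", outcome(200, 200))
    print("clock pinned to day 200:    ", outcome(400, 200))
    print("no revocation, day 400:     ", outcome(400, 400, owner_revokes=False))
```

The four cases line up with the thread: with an honest clock the expiry forces a refresh on day 400 and the revocation is seen; before the expiry (day 200) the stale copy is accepted, which is the window scenario a) describes and which expiration only bounds; with the clock pinned to day 200 the verifier behaves exactly as in the stale case however much real time passes; and without a revocation on the server, the attacker's renewed self-signature is accepted after the refresh, so expiration alone helps only once the owner has actually revoked.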
