encrypting to expired certificates

[Doug Barton]

On 9/15/14 12:06 PM, Hauke Laging wrote:
> Am Mo 15.09.2014, 09:47:21 schrieb David Shaw:
>
>> >I disagree with this.  Expiration is the way the key owner (the person
>> >who knows best whether the key should be used or not) tells the
>> >world, "Do not use this key after this date".
 >>
> Where do you take that from? Neither the RfC uses this description nor
> GnuPG nor any GUI I know.

Hauke,

Is this perhaps a language issue? The common English meaning of the word 
"expire" is that after the date listed the thing that expired is no 
longer valid/good/useable/etc. As far as I can tell, everyone on this 
list who responded to you had the same understanding, which is that 
after the expiration date the key is no longer valid. (A view I share, 
FWIW.)

Meanwhile, you're presenting the options for an expired key as "use the 
key, or send plain text." There is a third, and I daresay significantly 
more preferable option, which is to use OOB communication to ascertain 
how the other party would like you to proceed.

Imagine this scenario ... Alice sets an expiration date on her key 
because she knows that after that expiration date her key is:

1. Likely to be compromised
2. Certain to be compromised
3. No longer in her control
4. Is actually now in Mallory's control
5. Other

You have no way to know which of those scenarios is the case. Further 
(assuming that you took the step of refreshing Alice's key) you have no 
way to know why she did not update the expiry date.

In this situation, it is certainly NOT safe to use that key for 
encryption, and in fact "Don't send the message at all" is almost 
certainly the right answer, unless you can determine in some OOB manner 
what Alice wants you to do.

So FWIW, I think that GnuPG is doing the right thing here, and you may 
wish to reconsider your perspective on the issue.

hth,

Doug