encrypting to expired certificates

Doug Barton dougb at dougbarton.us
Wed Sep 17 01:31:07 CEST 2014

Hash: SHA256

On 9/16/14 3:38 PM, Hauke Laging wrote:
| Am Di 16.09.2014, 12:03:20 schrieb Doug Barton:
|> On 9/16/14 11:53 AM, Hauke Laging wrote:
|>> Am Di 16.09.2014, 10:31:00 schrieb Doug Barton:
|>>> .... which further highlights that adding options to make
|>>> life easier for people who don't understand what key expiry
|>>> means, or how to manage it properly, is probably not a good
|>>> idea. :)
|>> What I want would make life easier mostly for the contacts of
|>> those who don't manage their keys well.
|> Yes, I think we all understand that.
| I wonder why you made the above statement then.

Sorry I wasn't clear. I meant that what you want is clear to everyone.
The fact that it's a bad idea seems to remain unclear to you.

|>> Furthermore it seems proven to me now that even the elite of
|>> the OpenPGP users "don't understand what key expiry means".
|> I admire your determination to believe that you are the one who
|> is right, and that everyone else is wrong. :)
| I'm sorry if that is your impression. My impression is that we have
| seen that both opinions about the suitable interpretation are
| backed by several people. I.e. there is no concensus. And the
| majority of those who have commented supports my suggestion.

Even if your last statement were correct (and I don't think it is),
you should be careful drawing conclusions from it. The danger is that
people with unusual views (such as that "expired" doesn't mean
"expired") are more likely to comment than the proverbial "silent
majority" who, if they gave any thought to the topic at all, concluded
long ago that, "Of course 'expired' means 'expired,'" and moved on
with their lives.


Version: GnuPG v2


More information about the Gnupg-users mailing list