(OT) encrypting to expired certificates

Robert J. Hansen rjh at sixdemonbag.org
Thu Sep 18 16:00:10 CEST 2014

> And to think I blew a gasket because I grossly misinterpreted this sentence:

To clarify:

I think that the body politic should thank producers of food for being
willing to throw away food (and thus, profit) in the interests of
preserving the safety of the public's food supply.  That's all.

The reason why I find the metaphor appropriate for GnuPG is because it
highlights the different responsibilities producers have versus
consumers.  A producer is expected to provide product (food, encrypted
communications, whatever) that exceeds the standard of the consumer.

Similarly, the use case of "I forgot to add a new expiration date on my
own key" is different from the use case of "my correspondent forgot to
add a new expiration date on his key".  These two use cases revolve
around policy, not mechanism.  In the former, whether you want to hack
up the system time to get around the expiration issue is wholly your
lookout -- whatever policy one decides, I neither get to judge it nor
comment on it.  In the latter, I get to say, "I cannot imagine a world
where this makes sense.  The certificate has expired; don't use it."

Again, producers are -- must be -- held to a higher standard than consumers.

Peter, I hope this makes my feelings on the matter clear.  It was not my
intent to tell you how to run your refrigerator, or that you are somehow
doing it incorrectly.

More information about the Gnupg-users mailing list