On Tue, 21 Dec 2004, Ben Laurie wrote:
The point about this new one is it allows keys that are wrong (i.e. do not belong to the email address) or no longer have private keys available to be expired.
Though I kind of dislike that; I intentionally keep older email addresses on my key as in the period I worked for that employer I signed things as in that role - and those keys still are valid in that sense.
This doesn't affect their historical accuracy, of course, just whether you can fetch them from keyservers.
I guess this forces us to start to become more careful about role accounts :-)
Role accounts suck.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
