On Mon, Sep 15, 2014 at 6:19 PM, Robert J. Hansen <[email protected]> wrote: >> Respectfully, Hauke, we just disagree on this. But your last >> comment raises a crucial point that I think has bugged OpenPGP for >> far too long: the software we use for OpenPGP has actually been far >> too liberal about letting people use "not valid" keys. > > If by "too liberal" you mean "it's possible to do it," then I don't see > how to avoid it. You'd need a trusted timestamp on the certificate and > a trusted timestamp on the machine using the certificates, and trusted > timestamps are a hard, *hard* problem. > > Yes, OpenPGP is quite permissive about letting people encrypt to expired > certificates, but I think that's more a factor of it being incredibly > hard to prevent it than it is any neglect on the part of the OpenPGP > authors.
Sorry. I've confused too issues. Yes, it is hard to enforce expiry dates in a 'secure' way. I wasn't meaning to suggest it was something openpgp should try to do. I don't think we should make it easy to ignore them, that's all. No the other issue I was pointing to was that many users (probably) never bother to certify the keys of the people they communicate with and just ignore the fact that the keys are invalid. Because it is easy (though unwise) to use PGP/GPG in this way, I don't think developers have really paid enough attention to encouraging users to certify the keys they are trying to use or to use keys that are in a web of trust (nb. a web of trust not The Web Of Trust). Instead, we've actually had endless threads about when to 'sign' keys (only if three passports produced that have been certified by unicorns etc) that are probably very off-putting to new users. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
