On Saturday 28 April 2007, Mario Ruiz wrote: > Having said that, I realize that it does not matter if you only use the > certs temporarily for encrypting/signing just while in transit and the > document returns to its clear text once it hits the target system. If > you encrypt them for the long term you may never recover them. Better > check it out!, I'm sure the guys from Argus have considered this use > case, is that right?.
As I said - an "expired" certificate / key CAN NOT prevent you from decrypting the message at any stage in the future! (unless the ass who wrote the software you are using implemented this as a "feature", but fortunately - if you use standard OpenPGP or X.509 cryptography, there is absolutely nothing to stop you from using alternative software for the purpose of decrypting the message despite of expired key (eg you can do this using the OpenSSL libraries) Horst _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
