Extending the key expiration date
David Shaw
dshaw@jabberwocky.com
Wed Sep 5 20:34:02 2001
On Wed, Sep 05, 2001 at 08:08:39PM +0200, Florian Weimer wrote:
> David Shaw <dshaw@jabberwocky.com> writes:
>
> > On Wed, Sep 05, 2001 at 08:39:35AM +0200, Florian Weimer wrote:
> > > Subba Rao <subba9@home.com> writes:
> > >
> > > > Is it possible to edit the expiration date of the current key?
> > >
> > > Yes, it's even possible without invalidating certificates. This is a
> > > known design flaw in OpenPGP.
> >
> > I wouldn't call it a flaw. I'd call that a feature :) Having to
> > revoke the self-signature and put a new one in place will lead to huge
> > trails of self-signatures followed by certificate revocations followed
> > by more self-signatures every time the user changed their preferences.
>
> Eh, sorry, I don't see the relevance of this in the light of key
> expiration times.
I was referring to self-signature replacement in-place (rather than
revoking the old self-sig and adding a new one). Is that not what you
were referring to?
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson