AW: Robot CA at toehold.com
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Sat Dec 7 12:46:02 2002
--=-ttPD2bz6w98S8f0+Z+oe
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Fri, 2002-12-06 at 18:01, Kyle Hasselbacher wrote:
> On Fri, Dec 06, 2002 at 10:37:28AM -0600, Kyle Hasselbacher wrote:
> >[periodic challenges]
> On second thought, I'd rather expire signatures and make people get new
> ones. If your service goes away and stops challenging the users, then th=
e
> signatures hang around forever. I'd rather they all expire forever.
That's why I'd have the signatures expire after a relatively long time
(5 years or so). So, if the service goes away, there's only a limited
window where any damage can be done.
I think 5 years is reasonable - not many people I've known have changed
their email address frequently, especially the private email address.
cheers
-- vbi
--=20
this email is protected by a digital signature: http://fortytwo.ch/gpg
NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481
--=-ttPD2bz6w98S8f0+Z+oe
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iHMEABECADMFAj3x39ssGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjIACgkQi6Qxi+Wn99Yl0QCguh60UH+y5oC0Poo0kfPo8GSzJmcA
n0kCF19JIEgwpnS+7NV9kLIiSqWT
=9Tts
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822
--=-ttPD2bz6w98S8f0+Z+oe--