encrypting to expired certificates
Doug Barton
dougb at dougbarton.us
Tue Sep 16 00:24:58 CEST 2014
On 9/15/14 3:10 PM, Robert J. Hansen wrote:
>> What we do know is that at this time Hauke's correspondent is not in
>> control of her key, and as a result it's not safe to encrypt content
>> to it.
>
> Minor nit: it is not that we know Hauke's correspondent is not in
> control of her key -- it is that we do not know if she is.
In dkg's version of this particular conjecture he said, "his peer
doesn't have the means to update the cert's expiration date right now."
I think my conclusion, "she does not currently have control of her key"
is reasonable, although I admit to a bit of hyperbole in order to make
my version of the conjecture seem more dramatic. :)
OTOH, what scenario do you envision where not having the means to update
the certificate does not translate into not having control of the key,
even if on a temporary basis? I'm not saying that the key is compromised
... simply that she does not have access to all the things she needs
("secure" computer, the secret key, etc.) at this time. If you don't
call that "not in control" what terminology do you think is more
appropriate?
Doug
More information about the Gnupg-users
mailing list