a bunch of questions
Peter Lebbing
peter at digitalbrains.com
Fri Nov 10 12:20:36 CET 2017
On 10/11/17 09:50, Francesco Ariis wrote:
> A general word on expiry dates: you can always modify them as you
> go (that's what I do), they are not set in stone?
Well, this depends on your threat model. If I can control what one of
your peers sees, I could strip the self-signatures that change the
expiry date, only keeping the ones that I agree with.
So if you have a self-signature from 16 Dec 2010 that says the key does
not expire, and a self-signature from 10 Nov 2017 that says the key
expires in two years, I could manipulate it such that the second
self-signature never reaches this peer but everything still verifies.
Then the manipulated peer thinks the key will never expire, and I can
"keep the key going" forever.
If however you only ever extend the expiry dates, an attacker could only
fake your still valid key to be expired, rather than the more
troublesome case of faking your expired key to be still valid.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20171110/2358ebed/attachment.sig>
More information about the Gnupg-users
mailing list