David Shaw on Sun, 16 Feb 2003 10:18:04 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] how to lose your rights and freedom...


On Fri, Feb 14, 2003 at 06:59:46PM -0500, gabriel rosenkoetter wrote:

> This is the reason for key expiry. I've never seen anyone expire
> their keys at the necessary frequency to be operable against the US
> federal government (it's have to be weekly at a bare minimum). My
> PGP doesn't expire at all, because all the available keyserver
> software (espcially pks, the most popular) is broken in a way that
> makes it impossible to use keys with multiple subkeys (adding a
> later expiry date to an existing key works by adding another subkey
> to it).

Nit: it's a new self-signature, not a new subkey.

Only one keyserver is broken in this regard.  Alas, it is also the
most common (pks, as you say).  However, the PGP LDAP keyserver
handles this correctly (ldap://keys.pgp.com), as well as SKS
(http://sks.sourceforge.net).

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug