[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
-----BEGIN PGP SIGNED MESSAGE-----
From: "David Shaw" <dshaw@xxxxxxxxxxxxxxx>
> Whoah - I am not proposing that. My comments were in the context of
> how a potential v5 key format could work (and as a side note on how
> GnuPG handles a v3 key with a v4 selfsig). That's all. As I see it,
> without an expiration date *in the key packet*, there is no true
> "hard" expiration date. I agree with Jon's analysis.
OK... sorry about that. I agree that a new key format could address this
if anyone cared enough. (I don't. Revocation is good enough... which
leads me to wonder how PGP/GnuPG would treat a post-dated revocation,
but that's another unnecessary digression. :-)
> GnuPG 1.0.6 is fairly old now.
It may be old in a CVS sense. There's a lot of it out there, though...
it's in the RedHat 7.2AS and 7.3 releases, for example. It was the
only official Windows build for a *long* time.
My point was not that GnuPG was wrong in any way, simply that some
widely installed versions wouldn't support the hard/soft distinction,
should we choose to make one now.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
-----END PGP SIGNATURE-----