[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Behavior of implementations regarding certain key material
Jon Callas <jon@xxxxxxxxxx> writes:
> At 10:46 AM +0200 5/26/00, Florian Weimer wrote:
> >From draft-ietf-openpgp-rfc2440bis-00, 126.96.36.199, "Reason for
> >| A revoked certification no longer is a part of validity
> >| calculations.
> >We were a bit surprised when we discovered this change to RFC 2440
> >because RFC 2440 primarily specifies the OpenPGP message format,
> >and not the behavior of implementations when they encounter certain
> >OpenPGP messages, much to our discomfort.
> Umm, so what is the problem? Is there a reason that a revoked certification
> *should* be part of validity calculations?
No, of course not. Our point is: There is no reason why an expired
certification should be part of validity calculations, either (at
least by default). Ditto for expired keys. But 2440bis does not
state what to do in these cases, and in fact, implementations already
show different behavior. This is quite annoying if you want to limit
in time the validity of your certificates. In the past, the only way
to do that was to revoke the certifying keys (yuk!); with 2440bis, you
have to revoke the certificates. Both options lead to a quickly
growing CRL, which is very suboptimal.
Just to make one thing clear: We do not want to standardize the
validity calculations themselves, nor the way the web of trust is
built. But we do want to have a set of conditions under which a
certificate or a key won't be considered by validity calculations at
Florian Weimer Florian.Weimer@xxxxxxxxxxxxxxxxxxxx
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898