On Sun, Oct 3, 2010 at 10:18 AM, Joe Abley <jab...@hopcount.ca> wrote:
> On 2010-10-03, at 12:32, Eric Rescorla wrote:
>
> > Why?
>
> Are you asking because you've reviewed those discussions and have issues
> with them, or because you didn't review those discussions?

I'm asking because I'm pretty familiar with cryptography and I know that keys don't suddenly become worthless just because they get past their intended use lifetime. The semantics of signature security of old keys is a lot more complicated than that. If there's some particular discussion that you'd like me to review that makes the case that this is different, please point me at it.

> I'm not entirely sure the answer shouldn't be "because we manage the keys,
> and we say so" actually.

If that's the answer, then I most certainly do not agree.

-Ekr
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop