On Fri, May 6, 2011 at 23:07, MFPA <expires2...@ymail.com> wrote: > On Friday 6 May 2011 at 9:48:26 PM, in > <mid:banlktim3-dgy2ngvetevfjsxng8m5c2...@mail.gmail.com>, Jerome Baum > wrote: > > > > If my key expired yesterday, no-one can > > forge a message with that key and claim it's from > > today. > > > Never heard of a system clock that was wrong?
I'll give a summary reply here for everyone stating it's still possible to make that signature. It's possible if the master key is compromised. I was assuming a sub-key with an expiration date. I haven't checked, but I pray that sub-key expiration dates are signed with the master key. That sub-key, by the way, was also the original context where I mentioned the forgery. -- Jerome Baum tel +49-1578-8434336 email jer...@jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
