Am 15.09.2014 um 14:10 schrieb Hauke Laging: > > I agree. But expiration does not necessarily mean "don't use at all". > Expiration is not the same as revocation. This is not affected by the > fact that revocation may be impossible (private key lost and > compromised). > > The RfC is quite clear about revocations. It is not about expirations. > > http://tools.ietf.org/html/rfc4880#section-5.2.3.3 > > > Expiration is a good feature. Handling expired keys in this way > discourages using expiration dates, though.
2 arbitrary use cases: 1. One uses the expiration date as a reminder, to think about maybe updating it to new standards or what so ever. In this case, a warning when using an expired case is enough. 2. One lives in an hostile environment and it is possible that someone can retrieve his private-key/pass-phrase and prevents him from revoking the key. In this case preventing someone from sending you information which might harm your well being is a good thing.* Since the sender can't know how you use the expiration date I guess the more conservative approach is the safer one if you consider extreme cases like scenario 2. Greetings Martin *This is probably highly theoretical, I don't know. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
