On 9/16/14 6:58 AM, Daniel Kahn Gillmor wrote:
I've been in a situation where i'm sitting with a friend, talking about
a project we're hoping to work on together, and i wanted to send them
confidential information about the project to read later. I know they
have an OpenPGP cert, so i fire up an e-mail, only to discover that
their cert is expired (they don't use it often, and hadn't noticed).
I point it out to them, they blush and say "yeah, that's on my laptop,
which is fine, but it's at home. I'll update the expiration date when i
get home".
I agree with Robert that symmetric encryption is your best bet, given
that you're sitting right there.
Meanwhile, all of the real world cases listed so far involve people who
have mismanaged their keys by not updating their expiration date. I'm
not sure that adding features to make that situation less painful is the
right direction to move.
I do like Werner's idea of moving the expiration date to the expert
menu. That would give us less instances of users twisting a knob just
because it's there.
Doug
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
