[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] What happen when...

Subject: [ale] What happen when...
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 08 Sep 2014 12:09:38 -0400
In-reply-to: <[email protected]> (James Earl Smith's message of "Fri, 05 Sep 2014 18:46:32 -0400")
References: <[email protected]>

James Earl Smith <feenix3k at aim.com> writes:

> I was just wondering what happens to a valid signature on a gpg key
> when the key is revoked or goes out of date ?
>
> I have two keys that are a few years old. I looked over the signatures
> of the keys that signed mine , several have been revoked. So, does
> this lessen the strength of my key, are the signatures are still valid?

It's all about interpretation, which is all in the eye of the beholder.
RFC 4880 (the latest OpenPGP specification) does not talk about that.

Technically, yes, the signature will still verify even when the key has
expired.  However most implementations will notice the expiration and
effectively ignore any trust from that.

> James Earl Smith

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available

References:
- [ale] What happen when...
  - From: feenix3k at aim.com (James Earl Smith)

Prev by Date: [ale] OT - SED drive compatibility
Next by Date: [ale] [OT] Need a favor
Previous by thread: [ale] What happen when...
Next by thread: [ale] Systemd for October?
Index(es):
- Date
- Thread