From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sun, 17 Apr 94 12:07:06 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Key Eater Needed
Message-ID: <4hgMVY600VpcBhckdD@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mike Ingle <MIKEINGLE@delphi.com> wrote:

> There is no way to know now when a key was sent to a server, so it is hard
> to know when to delete it. One way would be to keep track of when new
> keys are sent or updated, and delete any key which has not been updated
> within a certain time, such as one year. All existing keys could be given
> six months to live. Those who wanted to keep their present keys could
> send them again, and others could create new ones.
>
> The web of trust model does not lend itself easily to key expirations,
> because this requires you to frequently get people to re-sign your key,
> and to re-sign the keys of others. This creates the opportunity for the
> "here's my new key, and I haven't got it resigned yet" attack. There
> would have to be a fairly long overlap period between new and old keys,
> during which time the old key signed the new key. Expirations would
> complicate the system considerably.

How about people just keep their keys, and the signatures, but they
re-sign their own keys every six months or so?  In order to keep their
keys on the keyserver, they must submit a PGP signed message to prove
that they still have that key. If they don't, the key is assumed to be
lost, and it is deleted.