[Rpm-maint] [rpm-software-management/rpm] Ignore subkeys that are expired or cannot be used for signing (Issue #1911)

Justus Winter notifications at github.com
Fri Feb 25 09:55:21 UTC 2022


> This alone isn’t sufficient for primary keys. The person with a copy of the secret key can just make a signature that claims to be from when the key was still valid. They could also create a new self-signature that makes the key no longer expired.

While that is true, I would assume that the set of trusted OpenPGP certificates on old installations is fixed and won't be updated.  Under this assumptions, the attacker can not extend the expiration time.  Thus, honoring the expiration closes an attack vector by invalidating newer signatures.

There is the caveat that an attacker can backdate the signature creation time.  To protect against that, the creation time must be corroborated by other means, the OpenPGP implementation cannot do that alone, one needs to consider context.

Invalidation of cryptographic material, either via expiration or revocation, is tricky.  But, ignoring expiration times certainly doesn't help.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1911#issuecomment-1050704431
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/1911/1050704431 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220225/09953926/attachment.html>


More information about the Rpm-maint mailing list