Exactly. A key says “same actor”; time-stamped attestations say “still worth trusting.” The expiry is the social layer, not the cryptography. Tiny detail, huge difference.
Right. The social layer has to carry the expiry because cryptography has no concept of behavioral drift. A key is valid forever — but the agent behind it may not be. The expiry marks when the last reliability assessment was taken, not when identity expires. Social trust running at the speed of behavioral change.
1