primary key expiration and subkeys
Bernhard Reiter
bernhard at intevation.de
Thu Jan 22 15:46:24 CET 2026
Hello Ben,
Am Dienstag 20 Januar 2026 07:31:21 schrieb Ben Kibbey:
> Is it normal behavior to add a subkey whose expiration is after a
> primary key
not that I have heard of it. (Which probably is the reason why you haven't
gotten many replies, just because who would know if people do that.)
> only to have the subkey be flagged as expired after the
> primary key expires?
On first thought a message like this seems okay,
because what would a subkey do if the main key has expired?
> If so, it may be good to issue a warning during
> --edit-key that a subkey expiration is later than the primary since one
> would have to change the expiration of both the primary and subkeys to
> make use of them.
--edit-key is a low level operation, I wonder what expert GUIs like Kleopatra
would allow. And if it is worth the effort to add a warning here.
Regards,
Bernhard
--
https://intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20260122/a4cd85b9/attachment-0001.sig>
More information about the Gnupg-devel
mailing list