Expired keys

Neil Williams linux at codehelp.co.uk
Sat Nov 1 21:03:28 CET 2003


A colleague has just changed the expiry date of his key to extend from 31/10/3 
to never.  (keyid 0x8f455606)

--check-sigs now displays:
sig!3     X 28BCB3E3 2003-02-03   Neil Williams (CodeHelp) 

If I try to re-sign the key I get:
Command> sign
"<name>" was already signed by key 28BCB3E3
Nothing to sign with key 28BCB3E3

The key still shows as fully trusted.

This is understandable, on reflection, but a little surprising initially.

It leaves me pondering - the signature has expired (the X in the check-sigs 
output) but because the key that was signed has been changed, the validity of 
the signature is preserved because it's still the same key.

Is this the expected behaviour? Is there any need / method for updating the 
signatures to reflect the new expiry of the main key?

-- 

Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/

http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
Url : /pipermail/attachments/20031101/e366746e/attachment.bin


More information about the Gnupg-users mailing list