Changing the expiration date after the key has expired

[David Shaw]

On Jun 2, 2009, at 10:14 AM, Vincent Panel wrote:

> Hi,
>
> I just wondered if it was possible to postpone the expiration date
> after it has been set and/or after the deadline has been reached.

Yes, you can.

> 2 years ago, I created a personal key and set the expiration to 2y, so
> it has now expired. It looks like I can change the expiration date (of
> the primary key) in gnupg software "using edit-key". My subkey expired
> too, so I have generated a new one.

This is fine.  Note that you can also change the expiration date of a  
subkey by selecting it ("key X") and then doing the usual "expire".

> I've tried to export the result and put it on the mit keyserver but it
> failed. According to the message I've read, it was because my userids
> wer signed by two keys (which is more or less wrong : I've checked and
> they are signed twice by the same key, but at different dates). What
> is strange is I've tried another keyserver and it worked (without
> removing the expired signature).

This is a problem with the MIT keyserver.  It runs an older keyserver  
software package, that is not fully compatible with standard keys (the  
software was written before the standard was finalized).

> But, well, the real problem is that now, even if my new subkey has
> been imported successfully, the primary key on the keyserver still has
> the old expiration date set - i.e. the primary key has expired : do
> you know if I can update the key on the keyserver so that it is aware
> of the new expiration date ?

Your best bet is simply to not use the MIT keyserver.  The other  
keyservers (try "pool.sks-keyservers.net") should handle this case  
without any problems.

David