Get expiration date by searching on keyservers

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 30 17:23:43 CEST 2014


On 04/29/2014 06:40 PM, Koen wrote:

> I use '--keyserver <srv> --search-keys <key'> to get info on a number of
> keys. As far as I can tell, that doesn't return an expiration date (if
> that exists).
> 
> Are there other ways to easily check on the exp. date, besides importing
> the key and then verifying the expiration date?

If you want cryptographic proof of the expiration date, you'll want to
fetch the keys locally anyway (the keyservers do no cryptographic
verification, and even if they did, you would have to decide to trust
their report, which you might not want to do).

I think fetching the keys you're interested in and handling them locally
is your best bet.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140430/978fb158/attachment.sig>


More information about the Gnupg-users mailing list