expired sig?

Joel Rees joel_rees at sannet.ne.jp
Sat Feb 7 09:44:56 CET 2009

I just installed gnupg 1.4.9 and, just for grins (since I hadn't yet  
installed gpg and had already checked the SHA1 signature), I did gpg  
--verify on the signature file gnupg-1.4.9.tar.gz.sig .

It says the signature for "Werner Koch (dist sig) <dd9jn at gnu.org>" is  
good, then it says:

gpg: Note: This key has expired!

(Signature made Thu Mar 27 02:39:36 2008 JST using RSA key ID 1CE0C630)

Maybe they expected an update to occur before now?

More information about the Gnupg-devel mailing list