RFC on issue 2701, default expiration time for new keys

Ximin Luo infinity0 at pwned.gg
Fri Dec 9 15:29:00 CET 2016

Peter Lebbing:
> On 09/12/16 14:55, Justus Winter wrote:
>> [...] 5) adds subkeys to an
>> existing key.  Both allow one to specify an expiration time (optional,
>> or '-' to explicitly select the default, or the key words 'never' and
>> 'none').  By default the keys generated using this way do not expire.
>> I'd like to change that as well.
> What's the purpose of putting an expiry date on the subkeys? I thought
> this was mainly to deal with losing access to the private key material.
> Isn't that only relevant for the primary key?

No, some people like to split their secret master keys and subkeys. You can do --export-secret-subkeys then selectively import the subkeys.


GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE

More information about the Gnupg-devel mailing list