gpg 1.0.5: unusable secret key
David Champion
dgc@uchicago.edu
Thu Jun 14 14:15:01 2001
On 2001.06.14, in <87lmmvcn4l.fsf@alberti.gnupg.de>,
"Werner Koch" <wk@gnupg.org> wrote:
>
> This was fixed in 1.0.5. From NEWS:
>
> * Rewritten key selection code so that GnuPG can better cope with
> multiple subkeys, expire dates and so. The drawback is that it
> is slower.
>
> Well not very prominent, but 1.0.6 says:
>
> * Fixed expire time calculation and keyserver access.
>
> 1.0.5 calculated the key expire time based on the creation date of the
> signature packtet and not of the key packet.
Ah... I wouldn't have caught those -- I thought that the key simply had
a fixed expiration date, since I chose one. :) Thanks.
So I need to replace this key. Because I can't necessarily meet
everyone personally (or even call) right away, I want to send a message
containing the fingerprint of the new key, but this is useless if I
don't sign that message with my old key. Can I force gpg to sign a
message using an expired key, or do I need to use an older version?
(I'm asking mainly so that the answer gets into the mail archive. In my
case, using an older version is not currently a problem, but that won't
remain so, and it's probably not true for everyone.)
--
-D. dgc@uchicago.edu NSIT University of Chicago