gpg 1.0.5: unusable secret key
Werner Koch
wk@gnupg.org
Thu Jun 14 15:35:01 2001
|| On Thu, 14 Jun 2001 07:13:17 -0500
|| David Champion <dgc@uchicago.edu> wrote:
dc> So I need to replace this key. Because I can't necessarily meet
Yes, because it is an v3 key and you can't change the expiration time there.
dc> don't sign that message with my old key. Can I force gpg to sign a
dc> message using an expired key, or do I need to use an older version?
An expired key is an expired key is an expired ...
You can use an expired key for decrupting a message but you won't be
able to sign something (if there are no more bugs). So the workaround
is to set the wall clock of your box back before the expiration time
(bad idea) or change it in the source: It should be easy to find in
g10/getkey.c, function finsih_lookup(). At two places there are tests
on the expire time which will to a "continue" for expired keys - just
comment the 2 continues out and print a warning.
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus