gpg 1.0.5: unusable secret key

Werner Koch wk@gnupg.org
Thu Jun 14 15:35:01 2001


 || On Thu, 14 Jun 2001 07:13:17 -0500
 || David Champion <dgc@uchicago.edu> wrote: 

 dc> So I need to replace this key.  Because I can't necessarily meet

Yes, because it is an v3 key and you can't change the expiration time there.

 dc> don't sign that message with my old key.  Can I force gpg to sign a
 dc> message using an expired key, or do I need to use an older version?

An expired key is an expired key is an expired ...

You can use an expired key for decrupting a message but you won't be
able to sign something (if there are no more bugs).  So the workaround
is to set the wall clock of your box back before the expiration time
(bad idea) or  change it in the source:  It should be easy to find in
g10/getkey.c, function finsih_lookup().  At two places there are tests
on the expire time which will to a "continue" for expired keys - just
comment the 2 continues out and print a warning.

  Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus