Cannot sign key with expired signature

David Shaw dshaw@jabberwocky.com
Tue Apr 15 17:27:03 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Apr 14, 2003 at 02:43:29PM +0200, Sascha Silbe wrote:
> 
> One of my friends has prolonged his key, so I want to prolong my signature 
> on it, but GnuPG refuses to sign that key again.
> 
> His key and my expired sig on it:
> 
> === Begin ===
> sascha@cube:~$ gpg --list-sigs CE9DDE57
> pub  1024D/CE9DDE57 2001-03-12 Caspar Bothmer <caspar@cbothmer.org>
> sig 3       CE9DDE57 2001-03-12   Caspar Bothmer <caspar@cbothmer.org>
> sig         6135C35B 2001-03-21   Old key - please use 74E5CF87 instead
> sig 3     X 74E5CF87 2002-06-13   Sascha Silbe <sascha@silbe.org>
> sig 3       CE9DDE57 2003-03-13   Caspar Bothmer <caspar@cbothmer.org>
> sub  2048g/A2366D02 2001-03-12 [expires: 2003-03-12]
> sig         CE9DDE57 2001-03-12   Caspar Bothmer <caspar@cbothmer.org>
> sub  2048G/3ECA1531 2002-09-09 [expires: 2004-09-08]
> sig         CE9DDE57 2002-09-09   Caspar Bothmer <caspar@cbothmer.org>
> === End ===
> 
> Trying to sign the key again:
> 
> === Begin ===
> sascha@cube:~$ gpg --sign-key CE9DDE57
> 
> pub  1024D/CE9DDE57  created: 2001-03-12 expires: 2005-03-12 trust: m/-
> sub  2048g/A2366D02  created: 2001-03-12 expires: 2003-03-12
> sub  2048G/3ECA1531  created: 2002-09-09 expires: 2004-09-08
> (1). Caspar Bothmer <caspar@cbothmer.org>
> 
> "Caspar Bothmer <caspar@cbothmer.org>" was already signed by key 74E5CF87
> Nothing to sign with key 74E5CF87
> Key not changed so no update needed.
> === End ===
> 
> Is this a bug or am I just missing something?

No, this is a real problem.  GnuPG should allow you to re-sign a uid
when the new signature has a different expiration date than the
original.  I'll fix that.

In the meantime, a workaround is to use "delsig" in the --edit-key
menu to remove the old signature before re-signing.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc1 (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+nBF74mZch0nhy8kRArYSAJ9MZisVErrPKcIw0EZW8M5y28pUyACfToJD
q9ns+wS7sZIjUzyMTj6Q2es=
=Me32
-----END PGP SIGNATURE-----