Thu Jul 24 22:23:02 2003
Content-Type: text/plain; charset=us-ascii
On Thu, Jul 24, 2003 at 09:47:48PM +0200, Adrian 'Dagurashibanipal' von Bid=
> On Thursday 24 July 2003 20:03, CL Gilbert wrote:
> > Originally I made my key years ago with pgp. later imported into gpg.
> > Then I updated the expiration of the main key. its a DH/DSS pair. But
> > while gpg seems to think the main key no longer expires, the PGP still
> > shows the original expire date when I import the key from various
> > servers. I know the servers have updated because they include a new
> > encrypting key since the old encrypting key was expiring with the main =
> I guess your key now has two self signatures on the keyservers, and
> gpg and pgp differ in how they handle that situation. Obviously, the
> newer self-signature should take precedence, but maybe pgp just
> takes the first one it sees?
I'd be interested in seeing such a key, and knowing what version of
PGP we're talking about.
The OpenPGP standard explicitly does not define what is the Right
Thing to do when there are more than one self-signatures. It suggests
using the more recent self-signature, but that's only a
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
-----END PGP SIGNATURE-----