GPG wants to check trustdb every day

Walt Mankowski waltman at
Tue Dec 28 05:24:42 CET 2004

On Mon, Dec 27, 2004 at 10:45:13PM -0500, David Shaw wrote:
> The date is set to the nearest expiration (key or signature) that
> affects the calculated trust (i.e. a key or signature that actually
> got used in your web of trust).  So the check is not really once a
> month or so, it's when needed.  If you have no expiring keys or
> signatures, GnuPG will never recheck.
> Note that many actions (including importing keys, deleting keys,
> revoking keys, revoking user IDs, etc) all force a recheck of the
> trustdb since these actions may invalidate the existing web of trust.
> If you're next trustdb check is scheduled for December 30th, then you
> probably have a key or signature that expires then.
> Note that if you're using PGP's global directory service, you will
> always have a signature that expires soon since the GD issues 14 day
> signatures.

Aha!  That explains it.  I must just have a bunch of signatures
expiring around the end of the year.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20041227/e06f6ace/attachment.bin

More information about the Gnupg-users mailing list