Retaining expired sigs

Jason Harris jharris at
Sun Mar 20 18:18:42 CET 2005

On Sat, Mar 19, 2005 at 10:35:47PM -0500, David Shaw wrote:
> On Sat, Mar 19, 2005 at 03:25:32PM -0500, Jason Harris wrote:
> > The sig. of 1-Jan-2000 is valid and usable.  It can only be ignored when
> > superceded.
> I agree with your general idea here, but not the details, exactly.
> What GnuPG does in this case is to take the 1-Jan-2000 signature and
> ignore any that follow.

As I said, that makes them decidedly non-modifiable instead of simply

> I don't like the idea of a signature that is temporarily superceded.
> Either it is superceded (and can be removed) or it is not.  It's a bit

If one doesn't insist that the latest non-revocable, superceded sigs
are to be removed, I don't see the problem with temporarily superceded

However, GPG's current behavior can be circumvented by manually removing
any non-revocable sigs that block other sigs from being considered,
anyone affected by this behavior should be able to diagnose it quickly,
and I don't recall seeing a lot of non-revocable 0x10-0x13 sigs, so this
probably won't become a big issue anytime soon.

BTW, what has your testing of other (OpenPGP(?)) encryption programs

Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at _|_ web:
          Got photons?   (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 309 bytes
Desc: not available
Url : /pipermail/attachments/20050320/2193601f/attachment.pgp

More information about the Gnupg-users mailing list