Retaining expired sigs

Nicolas Rachinsky list at
Sun Mar 20 23:32:06 CET 2005

* David Shaw <dshaw at> [2005-03-20 13:37 -0500]:
> Seriously, think about it:
> 	   non-revocable sig   1-Jan-2000
> 	   expiring sig        2-Jan-2000 (expires 10-Jan-2000).
> Now, say it's January 3rd.  According to what you want, the signature
> that gets used is the 2-Jan-2000.  Then, suddenly, on 10-Jan-2000,
> when that signature expires, the 1-Jan-2000 signature is used.
>   End result: there is always a signature.
> According to what actually happens, the signature that is used is
> 1-Jan-2000.
>   End result: there is always a signature.
> I suggest that if it bothers you all that much, you pretend that it's
> doing what you want.  It's not like there is a way to tell the
> difference.

What about different Levels (sig1..sig3) of signatures? If the first
one is sig3 and the second one sig1 and min-cert-level>1 there would
be a difference.


More information about the Gnupg-users mailing list