Future time: --ignore-time-conflict and --ignore-valid-from not working (gpg-1.4.6)
Werner Koch
wk at gnupg.org
Mon Jan 29 08:34:31 CET 2007
On Mon, 29 Jan 2007 05:33, bgat at billgatliff.com said:
> I have a key that will be imported into a system with no real-time
> clock. On that machine, the system time gets set to the Epoch at
> startup, thus the key always looks as though it was created "1169836499
Without a real time clock you should be more concerned about true
random numbers than _warnings_ like:
> gpg: Signature made Sun Jan 28 05:07:57 2007 UTC using DSA key ID A7E0150C
> gpg: key A7E0150C was created 1169836499 seconds in the future (time
I assume here that such a platform as also other contrainsts than just
the RTC. Having good and unpredictbale random numbers is crucial to
the security of the key. Creating DSA signatures also requires a good
RNG as well as some other subsystems.
> A lot of Googling and reading the manpage seems to suggest that the two
> --ignore- parameters should get me what I'm after, but it doesn't seem
> to be the case. In particular, I don't want to have to press a key when
> the warnings are emitted, because this will be an unattended operation.
A warning is just a warning and does not aks you to press a key.
Salam-Shalom,
Werner
More information about the Gnupg-users
mailing list