Expire of elgamal sub

David Shaw dshaw at jabberwocky.com
Wed Jan 7 01:25:37 CET 2009

On Jan 4, 2009, at 7:13 AM, Patrick Matthäi wrote:

> I have got the following problem.
> $ gpg --fingerprint "Patrick"
> pub   1024D/7A5A6CC7 2006-08-15
>      Key fingerprint = 1C54 FA0D 6F0F 5064 7A95  BBD3 D970 398A 7A5A  
> 6CC7
> uid                  Patrick Matthäi (Local Key) <patrick.matthaei at web.de 
> >
> uid                  Patrick Matthäi <matthaei at ameus.de>
> sub   2048g/D6395C9A 2006-08-15 [expires: 2010-01-01]
> sub   2048g/610BB46C 2008-11-11
> In the past I added an expire to my key on --gen-key, which I later
> changed to never expire.
> A much more time later I saw, that my elgamal still has got an
> expiration date and I can not find anything how I could change it.
> Then I added a new elgamal, the 2048g/610BB46C one.
> Is this right so? Can I edit the expire of the elgamal? What would
> happen *now* if the elgamal 2048g/D6395C9A has been expired?

You can have different expiration dates on an OpenPGP key.  The whole  
key can expire, and individual subkeys can expire.  If the whole key  
expires, it takes all subkeys with it (whether they are expired or  
not).  If a subkey expires, only that subkey is expired.  In your  
case, you have a (whole) key without an expiration date, and two  
subkeys, one with an expiration date and one without.

That said, what are you trying to do?  What is the problem?


More information about the Gnupg-users mailing list