Creating signatures with expiration time

Michael Fladerer fladerer at
Thu Apr 14 12:39:46 CEST 2011

On Thu Apr 14, 2011 at 11:45:07 +0200, Jesus Cea wrote:
> Hash: SHA1
> On 14/04/11 06:05, Daniel Kahn Gillmor wrote:
> > On 04/13/2011 10:43 PM, Jesus Cea wrote:
> >> My idea was to create a signature with a expiration date, so signatures
> >> should be renewed every year. The OpenPGP Standard documents this type
> >> of signature <>, but
> >> GPG doesn't seems to have the option to create them.
> > 
> > Look in the man pages for --default-cert-expire and --ask-cert-expire.
> > 
> > If these do what you want, you can also set them in ~/.gnupg/gpg.conf so
> > that you don't have to supply them on the command line every time.
> Thanks, Daniel. Looking the manual, I see "--default-sig-expire" and
> "--ask-sig-expire" too. What is the difference with "cert"?.
> Maybe "cert" only ask for expiration when signing a key, while "sig"
> always ask for an expiration for any kind of signature?
Sorry, I obviously missed the keyword 'data' in 'data signature' when I
looked through the manpage.  So dkg was right with --ask-cert-expire,
which prompts for an expiration date of the signature you're going to


 Michael Fladerer                     <fladerer at>
                                                  <fladerer at>
 GPG Key-ID: EE61F443
 Key fingerprint: A56F FE73 5FCC 4FF1 2E72  360E ACE6 1874 EE61 F443

More information about the Gnupg-users mailing list