IMporting PGP public key into GPG 1.4.2 with no expiry shows as expired in GPG

Cts Onetemp ctsonetemp at yahoo.com
Tue Dec 3 16:59:47 CET 2013 

Thanks Werner 
This is for a client who is using gpg 142 and I am trying to simulate that here. we are providing them the pgp keys. 

attched the conf file. 
here is the list of commands run 

C:\gpg>set GNUPGHOME=home

C:\GPG>gpg --list-keys
home\pubring.gpg
----------------
pub   1024D/551A09BA 2013-11-26
uid                  aa <aa at xxx.com>
sub   2048g/8BF467D3 2013-11-26

C:\gpg>gpg --import pgp_compatible.pgp   ( this is the one generated with the pgp --export-format compatible option)
gpg: key 6988865C: public key "nadm at xxxx.com" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

C:\gpg>gpg --list-keys
home\pubring.gpg
----------------
pub   1024D/7017503A 2013-11-29
uid                  aa <aa at xxx.com>
sub   2048g/41B425C7 2013-11-29

pub   1024R/6988865C 2010-10-26 [expired: 2010-10-26]  ( This is incorrect. the PGP key does not have an expiry set )
uid                  nadm at xxxx.com

--  Edit and set trust to see if that helps 

C:\gpg>gpg --edit-key 6988865C

pub  1024R/6988865C  created: 2010-10-26  expired: 2010-10-26  usage: CS
sub  1024R/8530919D  created: 2010-10-26  expired: 2010-10-26  usage: E
sub  2048R/939E43AE  created: 2010-12-12  expired: 2010-12-12  usage: E
sub  2048R/0DF32565  created: 2012-12-31  expired: 2015-01-10  usage: E
[ expired] (1). nadm at xxxx.com

Command> trust
pub  1024R/6988865C  created: 2010-10-26  expired: 2010-10-26  usage: CS
sub  1024R/8530919D  created: 2010-10-26  expired: 2010-10-26  usage: E
sub  2048R/939E43AE  created: 2010-12-12  expired: 2010-12-12  usage: E
sub  2048R/0DF32565  created: 2012-12-31  expired: 2015-01-10  usage: E
[ expired] (1). nadm at xxxx.com

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 4

pub  1024R/6988865C  created: 2010-10-26  expired: 2010-10-26  usage: CS
sub  1024R/8530919D  created: 2010-10-26  expired: 2010-10-26  usage: E
sub  2048R/939E43AE  created: 2010-12-12  expired: 2010-12-12  usage: E
sub  2048R/0DF32565  created: 2012-12-31  expired: 2015-01-10  usage: E
[ expired] (1). nadm at xxxx.com
Please note that the shown key validity is not necessarily correct

unless you restart the program.

Command> save
Key not changed so no update needed.

-- I try to sign this key 
C:\gpg>gpg --edit-key 6988846C

pub  1024R/6988865C  created: 2010-10-26  expired: 2010-10-26  usage: CS
sub  1024R/8530919D  created: 2010-10-26  expired: 2010-10-26  usage: E
sub  2048R/939E43AE  created: 2010-12-12  expired: 2010-12-12  usage: E
sub  2048R/0DF32565  created: 2012-12-31  expired: 2015-01-10  usage: E
[ expired] (1). nadm at xxxx.com


Command> sign

pub  1024R/6988865C  created: 2010-10-26  expired: 2010-10-26  usage: CS
 Primary key fingerprint: 9568 7369 43F0 F8F2 512F  AAAA A123 82DB 6988 846C

    nadm at xxxx.com

This key has expired!  Unable to sign.

-- The PGP key is definitely not expired. 
If i further go ahead and try to encrypt 

C:\gpg>gpg --encrypt --recipient 6988865C  install.txt
gpg:  nadm at xxxx.com: skipped: unusable public key
gpg: install.txt: encryption failed: unusable public key


------

If I use a PGP key that has expiry date set, it seems to import fine into GPG,. But for a PGP key that has expiry set to Never, the above happens. We use PGP 10.  Any suggestions?  I am not familiar with config file for gpg. any help is appreciated. 
Thanks



On Tuesday, December 3, 2013 4:45 AM, Werner Koch <wk at gnupg.org> wrote:
 
On Mon,  2 Dec 2013 19:25, ctsonetemp at yahoo.com said:


> When I import a PGP public key that has "NO expiry" date, into GPG
> 1.4.2, it s

1.4.2 is quite old (8 years) and you should definitely not use it
anymore. 

It seems that you did not invoked gpg correctly.  Please show us the
actual command line you used and also the content of gpg.conf.  You may
redact keyids and user ids but please change only digits to '1' and
letters to 'a' - do not redact and blanks etc.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20131203/e02866d3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gpg.conf.cpy
Type: application/octet-stream
Size: 1206 bytes
Desc: not available
URL: </pipermail/attachments/20131203/e02866d3/attachment-0001.obj>

More information about the Gnupg-users mailing list