gpgsm and expired certificates
oub at mat.ucm.es
Sun Oct 27 09:53:00 CET 2013
>> "Werner" == Werner Koch <wk at gnupg.org> writes:
> On Sat, 26 Oct 2013 22:03, oub at mat.ucm.es said:
>> know by the date of the certificate which certificate to use for which
>> - old for old messages
> Note, that there is no need for a certificate for decryption - only the
> private key is required. The certificate is only used to show some meta
Now I am confused. Most likely my knowledge of certificates is not
correct. (I played around with openssl to generate my own, useless,
I thought a certificate consists of a key pair (private/public) which is
signed by the Authority (here comodo).
When I apply for a certificate, the keypair is generated by the crypto
module of the browser and then signed.
So I thought when I apply for a new certificate a new key pair
is generated which gets signed again.
But your comment above seems to indicate that the old pair gets a new
signature. Is this correct? But what if I apply with a different
browser I applied the last time.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5556 bytes
Desc: not available
More information about the Gnupg-users