gpgsm and expired certificates
oub at mat.ucm.es
Sun Oct 27 11:01:39 CET 2013
> If you generate a new keypair for the new certificate (which is
> probably a good idea) then gpgsm (and presumably any other
> certificate-using software) will figure out what private key will be
> needed to decrypt a particular message and, so long as you still have
> the private key on your system, will use it as needed even if the
> corresponding certificate has expired.
So gpgsm (and others) will also figure out which private key to use for
signing: that is the new one, once the old certificate is expired?
Which means in the case of smime, also to embedd the corresponding
new public key in the signature.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5556 bytes
Desc: not available
More information about the Gnupg-users