encrypting to expired certificates

Peter Lebbing peter at digitalbrains.com
Tue Sep 16 12:45:09 CEST 2014

On 16/09/14 02:12, Robert J. Hansen wrote:
> If you can find half a dozen *real users* who are being *really
> impacted* by this, I'd love to hear about them.

I wanted to encrypt a document to myself on an offline system[1].
However, that copy of my own key was expired, and it wouldn't do it. I
was in a bit of a hurry, trying to get things done. Now, I had to get a
USB drive, start another computer, export my updated key, and import it
on the offline system. If I had --expert followed by yes to an "Are you
sure?" prompt, I would have done that and updated the copy when I had
more time.

Together with Hauke and his correspondent with the offline main key, you
now already have two actual cases, taken from real situations that
actually happened. At this rate, we'll be done this week.

> But so far, all the discussion is so hypothetical that it's hard for
> me to take it seriously.

I was slightly baffled by this comment as Hauke actually gave an example
that happened in real life. That is a lot more than I usually see when
people argue for or against a feature.

You can't argue that these aren't real users. You can't argue it's not a
real impact. You can only argue that the impact isn't that big. But that
is a long shot from "so hypothetical it's hard to take seriously". I
don't understand where that came from.


[1] This in the interest of security. You dislike the word, so it's in a
footnote to make it less offensive to you ;).

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

More information about the Gnupg-users mailing list