encrypting to expired certificates
Doug Barton
dougb at dougbarton.us
Tue Sep 16 19:06:47 CEST 2014
On 9/16/14 9:26 AM, Werner Koch wrote:
> On Tue, 16 Sep 2014 16:26, dkg at fifthhorseman.net said:
>
>> i've definitely seen people update their primary key's expiration date
>> and fail to update the expiration date of their subkey, so they have a
>> valid cert, but it still can't be used for encryption. So they have to
>
> There needs to be warning in this case. Can you please file a bug?
FWIW, I recently experienced that myself. The combination of knobs
needed to select both the primary and the encryption sub key for
updating the expiration was not intuitive, and I was quite surprised to
see that when I updated the expiration date the first time that the
subkey was not also updated. In fact I would not have known that at all
if I hadn't done 'list-keys' after I edited the key just to be sure.
Doug (It's only paranoia if they're not actually out to get you) :)
More information about the Gnupg-users
mailing list