encrypting to expired certificates

Peter Lebbing peter at digitalbrains.com
Tue Sep 16 19:18:06 CEST 2014

On 16/09/14 16:41, Werner Koch wrote:
> To put this discussion to an end, he may simply do a jump to the left
> and put the option --faked-system-time ISODATESTRING on his command
> line.

Regardless of whether you personally support or oppose the possibility
to override the expiry date, as it's your decision, I do want to point
out that this creates an issue with encrypt-and-sign. Although a little
footnote saying "hey dude, since your key expired in April, I had to
sign in April" could be added. I do wonder how many people would
understand that footnote, though.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

More information about the Gnupg-users mailing list