encrypting to expired certificates

Werner Koch wk at gnupg.org
Tue Sep 16 21:54:56 CEST 2014


On Tue, 16 Sep 2014 21:30, vedaal at nym.hush.com said:

> As the '--faked-system-time' option is interesting, maybe
> re-implementing it in both 2.x and 1.x might be an easy workaround in
> those cases where a user has forgotten to update an expired key.

No.  --faked-system-time is actually a debugging options and helpful for
regression tests.  It might be easier to use than pther faketime tools

> With regard to the resulting sign and encrypt problem, a simple
> workaround would be to clearsign first, and the encrypt the
> clearsigned mesage with the '--faked-system-time' option .

A much much easier to solution it to patch out the check and go ahead.
After all the source code is always there.  IIRC, g10/getkey.c, function
merge_keys_and_subkeys .


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list