encrypting to expired certificates
Werner Koch
wk at gnupg.org
Tue Sep 16 21:54:56 CEST 2014
On Tue, 16 Sep 2014 21:30, vedaal at nym.hush.com said:
> As the '--faked-system-time' option is interesting, maybe
> re-implementing it in both 2.x and 1.x might be an easy workaround in
> those cases where a user has forgotten to update an expired key.
No. --faked-system-time is actually a debugging options and helpful for
regression tests. It might be easier to use than pther faketime tools
> With regard to the resulting sign and encrypt problem, a simple
> workaround would be to clearsign first, and the encrypt the
> clearsigned mesage with the '--faked-system-time' option .
A much much easier to solution it to patch out the check and go ahead.
After all the source code is always there. IIRC, g10/getkey.c, function
merge_keys_and_subkeys .
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list