GnuPG User ID expiry

Jens Lechtenboerger lechten at wi.uni-muenster.de
Fri Oct 2 11:06:20 CEST 2015


Hi Daniel!

On 2015-09-29, Daniel Kahn Gillmor wrote:

> On Fri 2015-09-25 00:49:48 -0700, Jens Lechtenboerger wrote:
>
>> I tried to generate test keys with expired user IDs (under faked
>> system time), but I failed, with gpg 1.4 as well as 2.1.8.
>
> with 2.1.8, i get an expiration prompt for the user ID if i use:
>
>   gpg2 --full-gen-key

I get an expiration prompt for the key but not the user ID.
I tried different key sizes and keys with as well as without
expiration date.

> However, i agree with you that it seems like the following command ought
> to generate an expired key:
>
>  gpg2 --faked-system-time 20100101T000000 --default-cert-expire 1y --quick-gen-key 'Test Key <test at example.org>'
>
> But in my tests, it does not.  This seems like a bug in the
> implementation of --default-cert-expire.  Maybe someone™ should file it
> at https://bugs.gnupg.org/ :)

Someone just did that.

Thanks
Jens



More information about the Gnupg-users mailing list