Exporting/ importing changes expiration date of subkeys...
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Nov 12 22:16:17 CET 2018
On Mon 2018-11-12 18:27:59 +0100, gnupgpacker wrote:
>> the "classic" version of GnuPG (the 1.4.x series) not only does not
>> ...
>> If you upgrade to the modern version of GnuPG on your windows machine,
>> and then try to re-import, i think you'll find the merge issue resolved.
>
> GnuPG 1.4.23 is part of GnuPG-Pack with old but convincing GPGrelay
> included, which needs older version 1.4x.
> http://www.rose-indorf.de/gnupgpack/
>
> Exporting (older) RSA keys should be independent from GnuPG version 1.4x or
> 2.2x, isn't it?
It's difficult for me to tell what you're asking about.
For each import/export operation you're asking about (both successes and
failures), could you give the following information clearly:
* Are you exporting secret keys?
or exporting public keys?
* where were the secret keys originally created? (on what program does
the original export happen?)
* which program is doing the import?
* does the program doing the import modify the OpenPGP certificate in
any way?
* does it re-export the OpenPGP certificate? if so, is that
re-exported certificate loaded back into the original program?
> Importing those keys are working faultless with:
> Flipdog CryptoPlugin/ Android-8.1:
> https://i.imgur.com/TmR3oiz.png
> and
> OpenKeychain/ Android-8.1 too:
> https://i.imgur.com/vYa1pUl.png
> Expiration dates of key and 3 subkeys are correct set to 31.12.2019!
If possible, please include these screenshots as decently-sized (small)
attachments, rather than linking to a potentially ephemeral site like
imgur! we want these archives to be ueful even after imgur dies or gets
bought :)
> Only importing with R2mail2/ Android-8.1 causes described expiration error.
> In my opinion it depends on key structure (1 main key, 3 subkeys for
> S/A/E)!?
> If using a 'normal' key with 1 main key S/C/A and 1 subkey for E, importing
> to R2mail2 works, even if expiration date has been enhanced.
it is not normal for the primary key to be marked as
authentication-capable ("A"). If you have a tool that is doing that,
please report back what tool that is, on what platform and what version!
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181112/975a556a/attachment.sig>
More information about the Gnupg-users
mailing list