Exporting/ importing changes expiration date of subkeys...

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Nov 12 22:16:17 CET 2018

On Mon 2018-11-12 18:27:59 +0100, gnupgpacker wrote:
>> the "classic" version of GnuPG (the 1.4.x series) not only does not
>> ... 
>> If you upgrade to the modern version of GnuPG on your windows machine,
>> and then try to re-import, i think you'll find the merge issue resolved.
> GnuPG 1.4.23 is part of GnuPG-Pack with old but convincing GPGrelay
> included, which needs older version 1.4x.
> http://www.rose-indorf.de/gnupgpack/ 
> Exporting (older) RSA keys should be independent from GnuPG version 1.4x or
> 2.2x, isn't it?

It's difficult for me to tell what you're asking about.

For each import/export operation you're asking about (both successes and
failures), could you give the following information clearly:

 * Are you exporting secret keys?
   or exporting public keys?

 * where were the secret keys originally created? (on what program does
   the original export happen?)

 * which program is doing the import?

 * does the program doing the import modify the OpenPGP certificate in
   any way?

 * does it re-export the OpenPGP certificate?  if so, is that
   re-exported certificate loaded back into the original program?

> Importing those keys are working faultless with:
> Flipdog CryptoPlugin/ Android-8.1:
> https://i.imgur.com/TmR3oiz.png 
> and 
> OpenKeychain/ Android-8.1 too:
> https://i.imgur.com/vYa1pUl.png 
> Expiration dates of key and 3 subkeys are correct set to 31.12.2019!

If possible, please include these screenshots as decently-sized (small)
attachments, rather than linking to a potentially ephemeral site like
imgur!  we want these archives to be ueful even after imgur dies or gets
bought :)

> Only importing with R2mail2/ Android-8.1 causes described expiration error.
> In my opinion it depends on key structure (1 main key, 3 subkeys for
> S/A/E)!?
> If using a 'normal' key with 1 main key S/C/A and 1 subkey for E, importing
> to R2mail2 works, even if expiration date has been enhanced.

it is not normal for the primary key to be marked as
authentication-capable ("A").  If you have a tool that is doing that,
please report back what tool that is, on what platform and what version!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181112/975a556a/attachment.sig>

More information about the Gnupg-users mailing list