WKD: how to remove expired key verification

gnupgpacker gnupgpacker at on.yourweb.de
Sun Aug 8 10:57:00 CEST 2021


Hello
and thanks for this hints.

If using:
$ gpg -v --auto-key-locate clear,wkd,nodefault --locate-key xy at xyxy.de
gpg: verwende Vertrauensmodell pgp
gpg: pub  rsa4096/F507E7850xxxxxxC 2015-01-05  Vorname Name <xy at xyxy.de>
gpg: Schlüssel F507E785xxxxxxC: "Vorname Name <xy at xyxy.de>" nicht geändert
gpg: pub  rsa2048/435F423FxxxxxxD4 2013-10-21  Vorname Name <xy at xyxy.de>
gpg: Hinweis: Signaturschlüssel 435F423FxxxxxxD4 ist am 26.03.2019 12:00:00 Mitteleurop�ische Zeit verfallen
gpg: Schlüssel 435F423FxxxxxxD4: "Vorname Name <xy at xyxy.de>" nicht geändert
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 2
gpg:                             unverändert: 2
gpg: auto-key-locate found fingerprint DDC9F7A53xxxxxxxxDAAD53F507E785xxxxxxC
gpg: `xy at xyxy.de' automatisch via WKD geholt
pub   rsa4096 2015-01-05 [C] [verfällt: 2021-12-31]
      DDC9F7A53xxxxxxxxDAAD53F507E785xxxxxxC
uid        [ ultimativ ] Vorname Name <xy at xyxy.de>
sub   rsa4096 2015-01-05 [A] [verfällt: 2021-12-31]
sub   rsa4096 2015-01-05 [S] [verfällt: 2021-12-31]
sub   rsa4096 2015-01-05 [E] [verfällt: 2021-12-31]


Signaturschlüssel 435F423FxxxxxxD4 has been expired on 26.03.2019, but is still attached to published and still valid public WKD key.

It's my own key, actual one and old expired signature key ;)
It has been used while changing my own pgp key to a stronger one for signing it with my old valid key. Now it is not more needed, new key has been spreaded.

How to remove this old and expired signature from my key contruct?

Thanks and best regards.






More information about the Gnupg-users mailing list