[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: GnuPG User ID expiry
From: Daniel Kahn Gillmor <dkg () fifthhorseman ! net>
Date: 2015-09-30 3:37:01
Message-ID: 87wpv84lya.fsf () alice ! fifthhorseman ! net
[Download RAW message or body]
Hi Jens--
On Fri 2015-09-25 00:49:48 -0700, Jens Lechtenboerger wrote:
> I tried to generate test keys with expired user IDs (under faked
> system time), but I failed, with gpg 1.4 as well as 2.1.8. I tried
> to use the options default-sig-expire and default-cert-expire as
> well as ask-sig-expire and ask-cert-expire when adding user IDs via
> --edit-key.
>
> However, gpg --list-options show-sig-expire --list-sigs
> indicates that the signatures expire "never".
with 2.1.8, i get an expiration prompt for the user ID if i use:
gpg2 --full-gen-key
However, i agree with you that it seems like the following command ought
to generate an expired key:
gpg2 --faked-system-time 20100101T000000 --default-cert-expire 1y --quick-gen-key \
'Test Key <test@example.org>'
But in my tests, it does not. This seems like a bug in the
implementation of --default-cert-expire. Maybe someoneā¢ should file it
at https://bugs.gnupg.org/ :)
> How can I generate/add user IDs with expiration dates or change the
> expiration date of user IDs?
You can do this with "gpg --edit-key $KEYID"
In the subprompt GnuPG provides, use "1" (or "2", etc) to select which
user ID you want. then use "expire" to change the expiration for that
user ID.
hth,
--dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic