Mailing List Archive

On Sonntag, 1. Januar 2023 03:54:21 CET gnupg-users@aschoettler.com wrote:
> I have several GnuPG keys which I edited with KGpg.
> https://apps.kde.org/de/kgpg/
>
> Unfortunately, the subkeys were not taken into account when setting
> the expiry date.
> How can I retroactively edit my expired keys and expire the subkeys?

With the expire command of `gpg --edit-key`. You may have to use the
--faked-system-time option (or change the system time of your computer)
because, if I remember correctly, gpg doesn't allow to set an expiration date
in the past.

Regards,
Ingo

On 1 Jan 2023, at 03:49, gnupg-users@aschoettler.com wrote:
>
> ?I have several GnuPG keys which I edited with KGpg.
> https://apps.kde.org/de/kgpg/
>
> Unfortunately, the subkeys were not taken into account when setting the expiry date.
> How can I retroactively edit my expired keys and expire the subkeys?

If your primary key is already expired, there’s not much advantage to be gained by explicitly expiring the subkeys. It’s conceptually tidier, but a subkey of an expired primary key is just as (in)valid either way. The expiry date of a subkey is meant to expire the subkey earlier that its primary; the inverse case (subkey expiring later than its primary) is meaningless - once the primary is expired the entire key should be considered expired, subkeys and all. The only exception might be if you are interacting with client software that doesn’t calculate validity correctly, and needs the extra hint.

A
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users