Hi Jens-- On Fri 2015-09-25 00:49:48 -0700, Jens Lechtenboerger wrote:
> I tried to generate test keys with expired user IDs (under faked > system time), but I failed, with gpg 1.4 as well as 2.1.8. I tried > to use the options default-sig-expire and default-cert-expire as > well as ask-sig-expire and ask-cert-expire when adding user IDs via > --edit-key. > > However, gpg --list-options show-sig-expire --list-sigs > indicates that the signatures expire “never”. with 2.1.8, i get an expiration prompt for the user ID if i use: gpg2 --full-gen-key However, i agree with you that it seems like the following command ought to generate an expired key: gpg2 --faked-system-time 20100101T000000 --default-cert-expire 1y --quick-gen-key 'Test Key <t...@example.org>' But in my tests, it does not. This seems like a bug in the implementation of --default-cert-expire. Maybe someone™ should file it at https://bugs.gnupg.org/ :) > How can I generate/add user IDs with expiration dates or change the > expiration date of user IDs? You can do this with "gpg --edit-key $KEYID" In the subprompt GnuPG provides, use "1" (or "2", etc) to select which user ID you want. then use "expire" to change the expiration for that user ID. hth, --dkg _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
