On 18/11/15 16:59, da...@gbenet.com wrote: > 0x5E5CCCB4A4BF43D7 has expired - that's the only thing "bad" about it.
I could not reproduce this: > $ gpg2 -k 2C53B2ED > pub rsa2048/2C53B2ED 2015-08-21 [expired: 2015-08-28] > uid [ expired] Test Teststra Jr. <tes...@example.com> > $ gpg2 --check-sig DCDFDFA4 > gpg: 8 good signatures > pub rsa1024/DCDFDFA4 2012-03-17 [expires: 2015-11-19] > uid [ unknown] Test Teststra (Koning van Wezel) <test@example.invalid> > sig!3 DCDFDFA4 2015-11-18 Test Teststra (Koning van Wezel) > <test@example.invalid> > sig! 2C53B2ED 2015-11-18 Test Teststra Jr. <tes...@example.com> > uid [ unknown] Test Teststra <test@work.invalid> > rev! DCDFDFA4 2014-08-14 Test Teststra (Koning van Wezel) > <test@example.invalid> > sig!3 DCDFDFA4 2014-08-13 Test Teststra (Koning van Wezel) > <test@example.invalid> > sig!3 DCDFDFA4 2015-11-18 Test Teststra (Koning van Wezel) > <test@example.invalid> > sig! 17C05EBD 2015-05-22 c...@example.org > sig! 2C53B2ED 2015-11-18 Test Teststra Jr. <tes...@example.com> > sub rsa1024/77A3395A 2012-03-17 > sig! DCDFDFA4 2012-03-17 Test Teststra (Koning van Wezel) > <test@example.invalid> I have just now issued a signature on 0xDCDFDFA4 with 0x2C53B2ED. To do that, I had to unexpire the latter, but I first made a backup of the expired key. After putting the expired key back, the signature is still shown as succesfully verified, not as bad. So a signature by an expired key is not necessarily seen as a bad signature. Either your explanation is incomplete or it is incorrect... But thanks for looking into it! I never thought anything of the fact it was expired; I probably never noticed? HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
