On 07/20/2010 11:22 AM, Chris Knadle wrote: > Besides adding an expiration date, during testing I was able to change the > expiration date of a newly formed key that had previously been given an one to > not having one at all. I have my doubts concerning whether gpg clients would > accept an expiration date extension for a key, though. All OpenPGP clients i've ever seen do accept expiration date extensions. > And concerning automated key refreshing, the suggestion from the OpenPGP Best > Practices of using the following cronjob has a snag: > > 0 1 * * * /usr/bin/gpg --refresh-keys > /dev/null 2>&1 > > ... which is that your machine has to be on at 1am for this to run. I've been > trying to find a script that will locally email errors and changes to keys via > an anacron job. anacron would be reasonable. i don't think the script needs to be fancy. --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature