[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: weird OpenPGP expiration dates in AM reports [was: Re: AM report for Daniel Kahn Gillmor]



On Thu, Apr 23, 2009 at 12:45:11PM -0400, Daniel Kahn Gillmor wrote:
> On 04/22/2009 08:36 AM, Patrick Schoenfeld wrote:
> >    Let's test if its a version 4 or greater key
> >    Key is ok
> >    Check for key expire stuff
> >    Key has an expiration date of 2009-06-19
> >    2012-05-31.
> 
> Just a note on the weird-looking key expiration here: my primary key
> expires in 2012.  The only bit that expires in june is my smaller
> authentication-capable subkey:
> 
> 0 dkg@pip:~$ gpg --with-colons --list-key 0xd21739e9 | cut -d: -f
> 1,3,7,12 | grep '^[ps]ub'
> pub:4096:2012-05-31:scESCA
> sub:4096:2012-05-31:e
> sub:2048:2009-06-19:a
> 0 dkg@pip:~$
> 
> I suspect that the scripts used to generate these reports aren't used to
> dealing with keys with different expiration dates.  Since the debian
> project probably currently only cares about OpenPGP usage for signing

This isn't correct; the initial account password is sent out encrypted
to the key so it has to have a valid encryption part.

J.

-- 
Can I drink your juice?

Attachment: signature.asc
Description: Digital signature


Reply to: