On 04/23/2009 12:54 PM, Jonathan McDowell wrote: > On Thu, Apr 23, 2009 at 12:45:11PM -0400, Daniel Kahn Gillmor wrote: >> I suspect that the scripts used to generate these reports aren't used to >> dealing with keys with different expiration dates. Since the debian >> project probably currently only cares about OpenPGP usage for signing > > This isn't correct; the initial account password is sent out encrypted > to the key so it has to have a valid encryption part. Ah, thanks. I haven't gotten to that stage of the process myself yet ;) In that case, i think the right calculation would be to run the steps i initially proposed twice, once looking at the signing usage flag (0x02), and a second time looking at the encrypted communications usage flag (0x04). The result would be the earliest date of the two runs. --dkg PS details on usage flags: http://tools.ietf.org/html/rfc4880#section-5.2.3.21
Attachment:
signature.asc
Description: OpenPGP digital signature