[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Check your signing key expiration dates!

On Du, 07 iul 19, 20:17:41, Teemu Likonen wrote:
> You need to update your copy of the keys. Those developers have very
> likely updated the expiration day and moved it again to some point in
> the future. Debian developers' keys can be updated with WKD protocol
> usign their debian.org email address:
>     gpg --auto-key-locate clear,nodefault,wkd --locate-key dev@debian.org

Apparently a 'gpg --refresh-keys <fingerprint>' is not enough, not sure 

My gpg.conf has:

    keyserver hkps://hkps.pool.sks-keyservers.net
> It's good idea to have expiration date in PGP keys. If the owner loses
> his key (or the owner dies!) and can't revoke the key or can't send the
> revocation certificate everywhere then at least the expiry date takes
> care of invalidating the key.

Right. I've been planning to change my key, so will probably do that for 
the new key.

> Expiration date is also hint for other people that they may need to
> update the key.


Kind regards,

Attachment: signature.asc
Description: PGP signature

Reply to: