Re: gpg key expiration time

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gpg key expiration time

From:	Tobias Geerinckx-Rice
Subject:	Re: gpg key expiration time
Date:	Mon, 15 Mar 2021 18:24:10 +0100

Hi Paul!

Paul Garlick 写道：

After renewing the expiration time of one's gpg key, anduploading the
updated key to Savannah, is it also necessary to update the
corresponding file in the keyring branch?

No.

I notice from the log that, so far, none of the original fileshavebeen updated. Does this mean that the original validation isaccepted
for new commits signed with an updated key?


Yes.

The expiry date is not embedded in your cryptographic key, merelyattached to it as a signed ‘packet’.

Of course, OpenPGP has a reputation to maintain as the mostconfusing software on earth, so all these packets are storedtogether with your cryptographic key(s) in a single file thateveryone calls your... ‘key’.

Anyway: Guix ignores expiry dates by design. It merely verifiesthat each commit was signed with an authorised key.


Kind regards,

T G-R

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

gpg key expiration time, Paul Garlick, 2021/03/15
- Re: gpg key expiration time, Tobias Geerinckx-Rice <=
  - Re: gpg key expiration time, Paul Garlick, 2021/03/15

Prev by Date: Re: Guile Netlink 1.0 released
Next by Date: Re: Release 1.2.1: timeline
Previous by thread: gpg key expiration time
Next by thread: Re: gpg key expiration time
Index(es):
- Date
- Thread