[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gpg key expiration time

From: Tobias Geerinckx-Rice
Subject: Re: gpg key expiration time
Date: Mon, 15 Mar 2021 18:24:10 +0100

Hi Paul!

Paul Garlick 写道:
After renewing the expiration time of one's gpg key, and uploading the
updated key to Savannah, is it also necessary to update the
corresponding file in the keyring branch?


I notice from the log that, so far, none of the original files have been updated. Does this mean that the original validation is accepted
for new commits signed with an updated key?


The expiry date is not embedded in your cryptographic key, merely attached to it as a signed ‘packet’.

Of course, OpenPGP has a reputation to maintain as the most confusing software on earth, so all these packets are stored together with your cryptographic key(s) in a single file that everyone calls your... ‘key’.

Anyway: Guix ignores expiry dates by design. It merely verifies that each commit was signed with an authorised key.

Kind regards,


Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]