Page MenuHome GnuPG

warn when primary key expiration updated without encryption-capable subkey
Closed, ResolvedPublic


In a discussion on gnupg-users [0], i observed that it's not uncommon for
someone to update the expiration date on their primary key but fail to update
the expiration date on their encryption-capable subkey.

This leaves the user with a valid OpenPGP certificate, but one that is not
possible to encrypt to. Werner suggested [1] that there should be a warning in
this case.


Event Timeline

Done with commit ae3d1bb. It works by checking whether the latest encryption
subkeys expires in less then 10 days. Should be backported to 2.0.

werner claimed this task.
werner removed a project: In Progress.

Backported to 2.0: commit 2424028.