If Alice has made an OpenPGP certification over Bob's primary key + user ID, gpg
currently won't let her make a new signature, with an error message:
"Bob <email@example.com>" was already signed by key D39BDA50DD443420 Nothing to sign with key D39BDA50DD443420
This is true even if Alice's certification is due to expire soon, or was made by
a weak digest algorithm (e.g. --weak-digest), or lacks some feature that a
newly-made certification would have (e.g. notation, etc).
It's possible to override this limit by using the --expert flag, but users
really shouldn't need to do so if they are trying to update an existing
Please make this check only skip the signing process if the *only* way that the
new certification would differ from the existing certification is based on the
creation date of the timestamp.