Page MenuHome GnuPG
Create Task
Maniphest T3498

GPG: Batch keygen has no default expiry date
Closed, ResolvedPublic
Actions

Description

I know I know I should use the quick-gen API in the future. But existing software uses the batch keygen api.

The problem here is that the behavior is different regarding the expiry date. For quick-gen / gen key with gnupg we have a default expiry. And then For batch keygen we don't. Example:

key-type:      RSA
key-length:    2048
key-usage:     sign,encrypt
name-real:     expiry-test

Generates a key without expiry.

This leads to Kleopatra / KMail generating keys without expiry dates by default and has been reported as a bug there.

Details

Version
master

Event Timeline

aheinecke created this task.Nov 13 2017, 11:20 AM
werner added a comment.Nov 13 2017, 12:18 PM

Hmm. I am fine changing this for master. But for 2.2 I am nut sure. Asking on gnupg-devel?

aheinecke added a comment.Nov 13 2017, 12:19 PM

Ok for me to just have it in master. It should be fixed but is not super important imo.

aheinecke closed this task as Resolved.Apr 12 2021, 2:43 PM

This was changed in kleopatra some time ago to also generate keys with 2y expiry. So the motivation for this issue is gone.