Moved out of T3948
Checks the behaviour of the application when an intermediate certificate has expired (now > notAfter). This path is not valid, because one CA certificate has expired.
Checks the behaviour of the application when the target certificate has expired (now > notAfter). This path is not valid, because the target certificate has expired.
gpgsm --import CERT_PATH_COMMON_08_ROOT_CA.TA.crt echo "87:0F:8B:9E:5E:DF:A7:87:D2:B9:98:7C:2A:EA:9B:D6:DD:93:2F:D0 S" > $GNUPGHOME/trustlist.txt echo "disable-crl-checks" > $GNUPGHOME/gpgsm.conf gpgparsemail --crypto CERT_PATH_COMMON_08.eml gpgparsemail --crypto CERT_PATH_COMMON_10.eml
Result: We get a good signature even if the intermediate CA is expired or the signing certificate is expired. EXPKEYSIG is only shown as status.
I think this is a Bug because it behaves differently then GnuPG.