Hi taurus-- On 01/05/2010 08:13 PM, taurus wrote: > I am trying to change the expiration time of 2 sub-keys with no success. > I edit the main key and with command expire I selected the uid(s)
sub-keys are not bound to any particular uid ("user id"), but rather to
the primary key itself. selecting any particular uid shouldn't have any
effect on any particular subkey.
> the result is this:
>
> Secret key is available.
>
> pub 4096R/C9CFBFA0 created: 2008-12-31 expires: never usage: SC
> trust: ultimate validity: ultimate
> sub 4096R/F2A8860E created: 2008-12-31 expired: 2009-12-31 usage: E
> ^^^^^^^^^^^ ^^^^^^^^^^^^^^
> sub 1024R/ED88A3D8 created: 2009-01-13 expires: 2010-01-13 usage: S
> ^^^^^^^^^^^^ ^^^^^^^^^^^^^^
The things you're underlining here (it's not really aligned using a
monospace font, so i'm not sure) appears to be the "created" field, not
the "expires" field. this is confusing.
Looking at C9CFBFA0 on the public keyservers, i don't see your signing
subkey (ED88A3D8) on it at all. is it possible that has not been
published? (your jpeg UAT is also not published, afaict)
> And this key continues unavailable for signing or encrypting in Mail
> application.
> I can't figure what I'm doing wrong, any help is welcome.
i think the usual recommendation is to not bother updating expiration
dates on subkeys; just make a new subkey with the intended usage flags,
and set a new expiration date. This should work fine for both signing-
and encryption-capable subkeys as long as you re-publish your entire
OpenPGP cert to the keyservers after adding the subkey, and your
correspondents know how to update their keyrings.
is there a reason that you need to keep any particular subkey in use?
hth,
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
