On Wed, Jul 01, 2026 at 10:36:11AM +0200, Robert Jäschke via Mutt-users wrote:
I am using gpgme (set crypt_use_gpgme) to encrypt and sign mails using
s/mime. Several (own and others') certificates have been expired and
are still in gpg's database. I do not want to remove them, since I can
still use them to validate/decrypt old mails. Still, I find it
confusing (if not to say annoying), to get these expired certificates
presented whenever I want to send an encrypted mail, e.g.:

I'm sorry to say the news is not great. The mutt GPGME code was written quite a while ago. It looks like, at that time, the concept of expired was not included in the s/mime code when querying keys.

It looks quite deliberate, because the query code is shared with PGP but has those parts only enabled for the PGP backend. So perhaps at that time the GPGME library didn't have support for that information.

I'm not sure if it does now. I'll check with Werner and see if there are updates.

--
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C  5308 ADEF 7684 8031 6BDA

Attachment: signature.asc
Description: PGP signature

Reply via email to