Hi Martijn,
thanks, this did the trick for the moment.
Now I have spotted some more glitches about this:
* At first, I changed the expiration date of my public key to 10 years
in the future, and saved. I did _not_ change the expiration date of
the SSB (signing key), which was still non-expiring.
* I exported the pub key (which includes both pubkeys? confirm...),
reuploaded it to our PGP keyserver, and reimported it into Ciphermail.
* Now Ciphermail showed the expiration date correctly, 10 years in the
future.
* When I searched for the new key while importing, though, the found
key was being shown as non-expiring.
* With this key imported in CIphermail, I tried to send a test email,
and it did NOT work. The email bounced (I have the Ciphermail set up
to reject all emails which it cannot encrypt)
After that:
* I changed the expiration date of both the public key _and_ the
signing key, to the same 10 years in the future, and saved.
* I exported the new pubkey, reuploaded it to our PGP keyserver, and
reimported into Ciphermail
* Now again Ciphermail shows the expiration date correctly (+10y)
* AGAIN, When I searched for the new key while importing, the found
key was being shown as non-expiring. THis is definitely a bug, since
all keys now have an expiration date set.
* With this key imported in CIphermail, I tried to send a test email,
and it DID work.
So I'm fine for now, because I got it working. But it seems the old keys
are being cached somewhere n Ciphermail, even after I delete them, and
the cached ones are being used to show info about them, but not for
signing...
Also, maybe that the expiration date shown is from the signing key and
not the general pubkey...
I hope this additional info is useful for you :-) Feel free to contact
me for some more tests if you need.
Thanks again for a great piece of software.
Cheers
Jorge
*Jorge Gonzalez Villalonga*
Systems Engineer
*The International Consortium of Investigative Journalists*
<https://www.icij.org>
1710 Rhode Island Ave NW, 11th floor | Washington DC 20036 | United States
Phone: +34 672 173 200 (Madrid, Spain)
El 16/4/21 a las 10:38, Martijn Brinkers escribió:
Hi Jorge,
This looks like a bug. It is debatable what it means if there is a
signature which says that a key is expired and there is another
signature which says that the key never expires. That said, the new
signature that says that the key never expires is newer so it should
prevail. I will look into it. As a workaround you might try to create a
new key signature with an expiration date far in the future.
I'll look into the issue
Kind regards,
Martijn Brinkers
