Ben Kibbey <[email protected]> writes: > Is it normal behavior to add a subkey whose expiration is after a > primary key only to have the subkey be flagged as expired after the > primary key expires? If so, it may be good to issue a warning during > --edit-key that a subkey expiration is later than the primary since one > would have to change the expiration of both the primary and subkeys to > make use of them.
Functionally a subkey is signed by the primary key, sort of like chained certificates in pkix. So while the subkey might not be expired, it can't be validated. Agreed that a warning is in order. _______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
