On Thu Apr 14, 2011 at 11:45:07 +0200, Jesus Cea wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 14/04/11 06:05, Daniel Kahn Gillmor wrote: > > On 04/13/2011 10:43 PM, Jesus Cea wrote: > >> My idea was to create a signature with a expiration date, so signatures > >> should be renewed every year. The OpenPGP Standard documents this type > >> of signature <http://tools.ietf.org/html/rfc4880#section-5.2.3.10>, but > >> GPG doesn't seems to have the option to create them. > > > > Look in the man pages for --default-cert-expire and --ask-cert-expire. > > > > If these do what you want, you can also set them in ~/.gnupg/gpg.conf so > > that you don't have to supply them on the command line every time. > > Thanks, Daniel. Looking the manual, I see "--default-sig-expire" and > "--ask-sig-expire" too. What is the difference with "cert"?. > > Maybe "cert" only ask for expiration when signing a key, while "sig" > always ask for an expiration for any kind of signature? > Sorry, I obviously missed the keyword 'data' in 'data signature' when I looked through the manpage. So dkg was right with --ask-cert-expire, which prompts for an expiration date of the signature you're going to perform.
Michael -- --------------------------------------------------------------------- Michael Fladerer <flade...@fnb.tu-darmstadt.de> <flade...@guug.de> --------------------------------------------------------------------- GPG Key-ID: EE61F443 Key fingerprint: A56F FE73 5FCC 4FF1 2E72 360E ACE6 1874 EE61 F443 --------------------------------------------------------------------- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users