On Friday 06 May 2011, MFPA wrote: > Hi > > > On Friday 6 May 2011 at 8:48:03 PM, in > > <mid:201105062148.04...@thufir.ingo-kloecker.de>, Ingo Klöcker wrote: > > Unless I'm missing something the difference is as > > follows: - With prolongation of the expiration time > > releases signed before the prolongation will keep > > having a valid signature. - If one creates a new subkey > > then releases signed with the old expired subkey(s) > > will have an invalid signature. One would have to > > re-sign the old releases with the new subkey. > > Surely the signature on the old release would still be valid; it > would just be from a now-expired subkey instead of from the new and > currently-valid subkey. Or have I overlooked something?
It depends on your definition of "valid". In my book a signature can only be valid if the corresponding key is valid. Expired keys are not valid (anymore). Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
