-
-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
expiration sig preferrence incompatibility #55
Comments
When changing expiration, we are adding a signature. I tried to remove the original signatures signatures from the PGPainless key using OpenPGP.js and then check expiration again - it was as expected. It appears there are two bugs in PGPainless to address:
For reference this is the expiring key made by PGPainless that I modified to remove the originally generated sigs - showing expiration correctly in OpenPGP.js.
|
Another way to fix this (possibly easier / clearer)
Thank you for your hard work on this and responsiveness. It's not urgent right now. Let me know your thoughts 👍 |
Note, that the expiration time is regarding the key, not the signature. I would therefore argue that PGPainless is behaving correctly when expiring a key by adding a signature. If OpenPGP.js interprets the key that was expired using PGPainless as not expiring then I'd say this is a bug in OpenPGP.js. Note that the key is correctly being interpreted as expired by GnuPG. |
Ah - that's a sublety I was not aware of. I'll check with OpenPGP.js then. Thanks for the clarification! |
Filed 👍 |
Example generated keypair:
Contrast with OpenPGP.js generated expiring keypair:
The PGPainless key is showing "critical" next to the expiration at https://dump.sequoia-pgp.org/this is fineI'll post an issue at OpenPGP.jssee belowThe text was updated successfully, but these errors were encountered: