Changes have been made in Git for this ticket:

Bug #6601: Also need to use creation time from signature, not key

  1 files changed, 1 insertions(+), 1 deletions(-)
http://git.horde.org/horde-git/-/commit/d7e0650eded9684e149d63475ccb1548c883eb9c

Changes have been made in Git for this ticket:

Bug #6601: There *is* an expiration date in this key.

  1 files changed, 1 insertions(+), 1 deletions(-)
http://git.horde.org/horde-git/-/commit/cf3c2c123f87f6ef2841e92b941481dbd6918fb2

See http://lists.horde.org/archives/dev/Week-of-Mon-20111205/026826.html

We don't want to output expires information for the base key, because 
it will always be 0 for all cases we care about.  We want the 
expiration date of each signature.

Maybe, but it's not the same like the key expiration and not what we 
display in the key information. The signature expiration is correctly 
returned in the signature information.

Isn't the self-signature expiration the important expiration?

Merged

Becoming an PGP export now. :) From RFC 2440:



5.2.3.5. Key expiration time

    The validity period of the key.  This is the number of seconds after

    the key creation time that the key expires.  If this is not present

    or has a value of zero, the key never expires. This is found only on

    a self-signature.



5.2.3.9. Signature expiration time

    The validity period of the signature.  This is the number of seconds

    after the signature creation time that the signature expires. If this

    is not present or has a value of zero, it never expires.

I'm not a PGP expert, but to me it looks as if there are separate 
fields for the key expiration and signature expiration dates. And 
since one is set in Chuck's test key, but the other not, there doesn't 
seem to be some intrinsic link between them.

Won't expiration date always be never then?  Doesn't that field refer 
to the expiration date of the signature of the owner of the key?

Does anybody disagree?

I don't think there is anything to fix. The key doesn't have an 
expiration date set, only the signature.

Added a test that should be merged when this is fixed, too.

This commit:

http://lists.horde.org/archives/cvs/Week-of-Mon-20080414/077361.html



adds parsing of expiration dates out of the --list-packets output. 
However, it gets set way down in the sig_* array, and isn't reflected 
in the pgpPrettyKey() output. I'm not really clear what the right way 
to do this is, though. Help?

And



$ gpg --list-keys address@example.com

pub   1024D/F3C01D42 2008-04-11 [expires: 2013-04-10]

uid                  John Smith <address@example.com>

sub   2048g/AF52BF66 2008-04-11 [expires: 2013-04-10]

I was sent the attached PGP public key.



IMP shows:



Name:             John Smith

Key Type:         Public Key

Key Creation:     04/11/08

Expiration Date:  [Never]

Key Length:       1024 Bytes

Comment:          [None]

E-Mail:           address@example.com

Hash-Algorithm:   pgp-sha1

Key ID:           0xF3C01D42

Key Fingerprint:  5912 D91D 4C79 C670 1FFF  1486 04A6 7B37 F3C0 1D42





The expiration date should be "04/11/13", aka 5 years.



gpg --list-packets shows:



:public key packet:

        version 4, algo 17, created 1207935691, expires 0

        pkey[0]: [1024 bits]

        pkey[1]: [160 bits]

        pkey[2]: [1018 bits]

        pkey[3]: [1023 bits]

:user ID packet: "John Smith <address@example.com>"

:signature packet: algo 17, keyid 04A67B37F3C01D42

        version 4, created 1207935691, md5len 0, sigclass 0x13

        digest algo 2, begin of digest b6 e5

        hashed subpkt 2 len 4 (sig created 2008-04-11)

        hashed subpkt 27 len 1 (key flags: 23)

        hashed subpkt 9 len 4 (key expires after 5y0d0h0m)

        hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)

        hashed subpkt 21 len 3 (pref-hash-algos: 2 8 3)

        hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)

        hashed subpkt 30 len 1 (features: 01)

        hashed subpkt 23 len 1 (key server preferences: 80)

        subpkt 16 len 8 (issuer key ID 04A67B37F3C01D42)

        data: [160 bits]

        data: [157 bits]

:public sub key packet:

        version 4, algo 16, created 1207935691, expires 0

        pkey[0]: [2048 bits]

        pkey[1]: [3 bits]

        pkey[2]: [2048 bits]

:signature packet: algo 17, keyid 04A67B37F3C01D42

        version 4, created 1207935691, md5len 0, sigclass 0x18

        digest algo 2, begin of digest a4 15

        hashed subpkt 2 len 4 (sig created 2008-04-11)

        hashed subpkt 27 len 1 (key flags: 0C)

        hashed subpkt 9 len 4 (key expires after 5y0d0h0m)

        subpkt 16 len 8 (issuer key ID 04A67B37F3C01D42)

        data: [160 bits]

        data: [158 bits]