Hi Martijn,
thanks, this did the trick for the moment.
Now I have spotted some more glitches about this:
- At first, I changed the expiration date of my public key to 10
years in the future, and saved. I did _not_ change the
expiration date of the SSB (signing key), which was still
non-expiring.
- I exported the pub key (which includes both pubkeys?
confirm...), reuploaded it to our PGP keyserver, and reimported
it into Ciphermail.
- Now Ciphermail showed the expiration date correctly, 10 years
in the future.
- When I searched for the new key while importing, though, the
found key was being shown as non-expiring.
- With this key imported in CIphermail, I tried to send a test
email, and it did NOT work. The email bounced (I have the
Ciphermail set up to reject all emails which it cannot encrypt)
After that:
- I changed the expiration date of both the public key _and_ the
signing key, to the same 10 years in the future, and saved.
- I exported the new pubkey, reuploaded it to our PGP keyserver,
and reimported into Ciphermail
- Now again Ciphermail shows the expiration date correctly
(+10y)
- AGAIN, When I searched for the new key while importing, the
found key was being shown as non-expiring. THis is definitely a
bug, since all keys now have an expiration date set.
- With this key imported in CIphermail, I tried to send a test
email, and it DID work.
So I'm fine for now, because I got it working. But it seems the
old keys are being cached somewhere n Ciphermail, even after I
delete them, and the cached ones are being used to show info about
them, but not for signing...
Also, maybe that the expiration date shown is from the signing
key and not the general pubkey...
I hope this additional info is useful for you :-) Feel free to
contact me for some more tests if you need.
Thanks again for a great piece of software.
Cheers
Jorge
El 16/4/21 a las 10:38, Martijn
Brinkers escribió:
Hi Jorge,
This looks like a bug. It is debatable what it means if there is a
signature which says that a key is expired and there is another
signature which says that the key never expires. That said, the new
signature that says that the key never expires is newer so it should
prevail. I will look into it. As a workaround you might try to create a
new key signature with an expiration date far in the future.
I'll look into the issue
Kind regards,
Martijn Brinkers