Need to understand more about key expiration date
I use PGP Command Line to communicate with our bank. The bank requires keys to have a two year expiration and I'm coming up on renewal.
Not sure what the best way to procede is. I can create a new set of keys and exchange them with the bank, but this is going to require a change window when the keys are replaced at both ends. Moreover, it's going to complicate things if I have to go back and decrypt archive copies of stuff I've encrypted with the old key.
I notice that there are options to set/remove expiration dates on keys (--remove-expiration-date and --set-expiration-date).
My questions are:
1. Can I run these commands against existing keys or are these only available when I'm creating a key pair.
2. What, if anything, bad happens between the time I change the expiration date at my end and the point at which the bank applies the updated key with the new expiration date at their end. Stated another way, will bad things happen if my copy and their copy of the key have different expiration dates?
Thanks in advance,