Endpoint Encryption

 View Only

  • 1.  PGP Subkey Expiration Extension - error

    Posted Dec 26, 2012 05:48 PM

    Hi

     I'd like to extend the expiration of one of the subkeys. There is no expiration for the main key.

     pgp --set-expiration-date --expiration-date 2015-01-20 0x939E72AF --passphrase PASSWORD

    - I know that 0x939E72AF is the SUBKEY ID. But I get this message back

    0x939E72AF:set expire date (2002:key to edit not found)

    I do see the subkey in the fingerprint. I dont want to Change the expiration for the Key. Just this one SUBKEY needs to be extended . Can you please let me know what I am missing here?

    Should I provide the command as:

     pgp --set-expiration-date --expiration-date 2015-01-20 MAINKEYID --subkey SUBKEYID  --passphrase PASSWORD - Is this a valid syntax? I couldnt find any reference to it online.

    - I want to confirm before i try this. Just to avoid any mishaps as this is in PROD.

    Many Thanks

     

     



  • 2.  RE: PGP Subkey Expiration Extension - error

    Posted Dec 26, 2012 10:30 PM

    Yes, that syntax should work.  Operations on subkeys require you specify the KeyID of the "top" key, and you then specify the subkey using the --subkey option.

    I'm sorry this is not clear in the documentation.

    Regards,

     



  • 3.  RE: PGP Subkey Expiration Extension - error

    Posted Dec 28, 2012 12:01 AM

    Hi

    When I use

    "pgp --set-expiration-date --expiration-date 2015-01-20 MAINKEYID --subkey SUBKEYID --passphrase PASSWORD" , it does change the expiration date of the subkey BUT ALSO changes the Expiration of the MAINKEY. The main key does NOT have an expiration. I dont want the MAINKEY to expire.

    I just want to change the subkey expiration. Is that Possible? I had to remove the expiration of the MAINKEY. That in turn removed the expiration on the SUBKEY.

    :-(  Can you please suggest?  This is used by a Various # of Clients. I Just want to change the Expiration of ONE subkey. Is that possible?  Now, since when I removed the expiration of the main key it also removed the subkey's expiration date, how can I reset it to the original expiration date?

    What are my options here?

    Here is the list used:

    pgp --list-key-details

    -> Main Key does not have expiration. One of the subkeys is to expire Jan 10

    -> Tried to extend expiration of the subkey

    "pgp --set-expiration-date --expiration-date 2015-01-20 MAINKEYID --subkey SUBKEYID --passphrase PASSWORD"
    -> This changed the subkey expiration. The main key expiration changed from 'Never' to 2015-01-20 as well.

    -> wanted to remove the expiration from main key

    pgp --remove-expiration-date MAINKEYID --passphrase PASSWORD

    -> This removed the expiration from the subkeys as well> Now all is subkey expiration is set to NEVER.

    I just want to get the ONE SUBKEY expiration SET to 2015.


    Thanks

     

     



  • 4.  RE: PGP Subkey Expiration Extension - error

    Posted Dec 28, 2012 01:11 AM

    Hm this may actually be a limitation... let me look into this some more.



  • 5.  RE: PGP Subkey Expiration Extension - error

    Posted Dec 28, 2012 09:16 AM

    Thanks David. Can you please keep me updated? Appreciate that.

    Regards



  • 6.  RE: PGP Subkey Expiration Extension - error

    Posted Dec 31, 2012 01:58 PM

    Hi David

    Any idea? The expiration date is nearing & the process to get this going takes time as well. Please let me know. I am gearing towards creating a new subkey and sending it otherwise. But the current one got reset to NO expiration as well. Is there a way to set JUST THE SUBKEY expiration date? as I said when I tried the command, it set the expiration date on the main Key too and thats is not what is needed.

    Thanks & Happy New Years!