Bruno Haible via Gnulib discussion list <bug-gnulib@gnu.org> writes: > Simon Josefsson wrote: >> > This is consistent with the following observation: When I download your >> > PGP key from https://savannah.gnu.org/users/jas, I see that it has only >> > self-signatures. >> >> Savannah admins made a decision to "minimize" uploaded keys, removing >> all signatures. I think that is a bad idea, but some people suggest >> GDPR make people do this. > > They not only removed all signatures. They also set an expire date of > 2022-05-17, which is earlier than the original expire dates of your keys. > (I did not understand that it was possible for the same key to have > different expire dates, depending on where one gets it from. I thought > it was a gpg2 bug, and it confused me a lot.) See:
I extend my expiry date once in a while, since I prefer relatively short key validity and to extend them if there was no known key compromise. Nobody but the private key holder can modify expire dates. This property surprises many people, but once understood it make some sense. /Simon
signature.asc
Description: PGP signature
