Bodo Moeller <in5y094(_at_)public(_dot_)uni-hamburg(_dot_)de> writes:
The self-signature! Not the whole key, unless you don't re-validate.
For this, a signature validity period should be used, not a key
IIRC, I have never seen a direct key signature with an expiration date
- so the only available expiration date is the one from the (latest)
self-signature on a user ID.
I have considered to add the expiration date to the key but there
is no strategy defined how to process multiple expiration dates.
I think this should be addressed in the next revision of OpenPGP along
with some other similar issues (e.g. can a revocation of a
self-signature on a user ID been overridden by a newer
self-signature).
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013