2022-08-06
PGP key needs fetching from time to time
Someone reported to me my PGP key was expired and whether I was still using it or I gave up on PGP/GPG. I have an expiry date on my key, but I do update it from time to time when expiry nears. I now notice just doing a gpg --refresh doesn't update the expiry moment. The solution is to hard fetch the key. In the case of my home pgp key:
$ gpg --keyserver pgp.surf.nl --receive-keys 0x5BA9368BE6F334E4This updates the expiry date(s) and the uids. If you have my key and it looks expired and/or still has an old e-mail address with kzdoos in it please do this now. Complete data at pgp.surf.nl: Search results for '0x5BA9368BE6F334E4' where you can see all the details including the revoked bits. Those revoked bits won't show up in normal use. I know gpg and other pgp related software has to be designed to be really really secure up to the last bit, but some attention to user friendlyness could be a good idea if it's possible to confuse even experienced pgp users.