Can I change expiration date of a gpg key I've already sent to a key server?

Question

Once a key has been submitted to a keyserver, it cannot be deleted from the server.

Does that mean that also the expiration date with which I published the key via gpg --send-keys key-id cannot be changed?

score 2 · Answer 1 · answered Nov 19 '21 at 12:43

2

You can change the expiration date locally:

gpg --edit-key <your-key-id>
expire
#Now specify how long the key should be valid
save

Update the modified key on keyserver:

gpg --send-keys <your-key-id>

A key cannot be deleted, but it can be changed.

answered Nov 19 '21 at 12:43

ieggel

1

FWIW -- Every year (on my birthday) I set my key to expire in 55 weeks and re-upload it to key exchanges and my GitHub public Gist. When I was taught this, the idea was that you were telling everyone to not trust a key past a certain date, but with the option of expanding (which I do each year). That way if you lose access to the key, it'll self expire in a years time. (think "dead man's switch" for your key.) Otherwise you keep re-upping each year and keep using the same key. – Ruscal Aug 16 '22 at 17:43
1

@Ruscal "Good morning honey! Do you know what day it is?" - "The day to update my public key expiration date, woo!" – The one who tests Aug 16 '22 at 22:44

1 Answers1