Expired gpg Key used to sign wallet

Question

Expired gpg Key used to sign wallet

Opened this issue 2 years ago · 5 comments

Problem

The Latest Release 4.2.2.1 (electrum-ltc-4.2.2.1.dmg) is signed with a key, which already expired in January:

$ gpg --keyserver keyserver.ubuntu.com --recv-keys 0x6fc4c9f7f1be8fea 0xfe3348877809386c 0x3b2a6315cd51a673
gpg: key 3B2A6315CD51A673: "Loshan T (A.K.A. losh11) <loshan1212@gmail.com>" not changed
gpg: key FE3348877809386C: public key "Adrian Gallagher <thrasher@addictionsoftware.com>" imported
gpg: key 6FC4C9F7F1BE8FEA: public key "pooler <pooler@litecoinpool.org>" imported
gpg: Total number processed: 3
gpg:               imported: 2
gpg:              unchanged: 1

$  gpg --list-keys Loshan
pub   rsa4096 2016-01-09 [SC] [expired: 2022-01-16]
      C0921846FED0BF4CF28BE1D73B2A6315CD51A673
uid           [ expired] Loshan T (A.K.A. losh11) <loshan1212@gmail.com>

Solution

Please sign again with a valid key.

Answer 1 · 2022-06-14T15:28:28.000Z

As far as I can tell that key is valid until 2026.

$ gpg --list-keys Loshan
pub   rsa4096 2016-01-09 [SC] [expires: 2026-01-09]
      C0921846FED0BF4CF28BE1D73B2A6315CD51A673
uid           [ unknown] Loshan T (A.K.A. losh11) <loshan1212@gmail.com>

It looks like the key was already present in your keyring. Have you tried running gpg --refresh-keys?

Answer 2 · 2022-06-15T10:09:07.000Z

Strange ... I tried to refresh but the key is still the same:

$ gpg --refresh-keys
gpg: refreshing 74 keys from hkps://keys.openpgp.org
...
gpg: key 3B2A6315CD51A673: "Loshan T (A.K.A. losh11) <loshan1212@gmail.com>" not changed
...
gpg: Total number processed: 73
gpg:              unchanged: 66
gpg:           new user IDs: 3
gpg:         new signatures: 15

$ gpg --refresh-keys Loshan
gpg: refreshing 1 key from hkps://keys.openpgp.org
gpg: key 3B2A6315CD51A673: "Loshan T (A.K.A. losh11) <loshan1212@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

I though I have somewhere seen, that you are using the ubuntu-keyserver. So I tried again explicitly setting that server:

$ gpg --refresh-keys --keyserver keyserver.ubuntu.com  Loshan
gpg: refreshing 1 key from hkp://keyserver.ubuntu.com
gpg: key 3B2A6315CD51A673: "Loshan T (A.K.A. losh11) <loshan1212@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

But that as well did not update the key:

$ gpg --list-keys Loshan
pub   rsa4096 2016-01-09 [SC] [expired: 2022-01-16]
      C0921846FED0BF4CF28BE1D73B2A6315CD51A673
uid           [ expired] Loshan T (A.K.A. losh11) <loshan1212@gmail.com>

Any idea, what happens here?

Answer 3 · 2022-06-15T10:32:48.000Z

OK, maybe try removing the key and then fetching it again?

$ gpg --delete-key 0x3b2a6315cd51a673
$ gpg --recv-keys 0x3b2a6315cd51a673

Answer 4 · 2022-06-15T10:37:50.000Z

Unfortunately that does not change the situation:

$ gpg --delete-key 0x3b2a6315cd51a673
gpg (GnuPG/MacGPG2) 2.2.34; Copyright (C) 2022 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


pub  rsa4096/3B2A6315CD51A673 2016-01-09 Loshan T (A.K.A. losh11) <loshan1212@gmail.com>

Delete this key from the keyring? (y/N) y

$ gpg --recv-keys 0x3b2a6315cd51a673
gpg: key 3B2A6315CD51A673: public key "Loshan T (A.K.A. losh11) <loshan1212@gmail.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

$ gpg --list-keys Loshan
pub   rsa4096 2016-01-09 [SC] [expired: 2022-01-16]
      C0921846FED0BF4CF28BE1D73B2A6315CD51A673
uid           [ expired] Loshan T (A.K.A. losh11) <loshan1212@gmail.com>

Am I the only one who experiences this problem or am I the only one who cares about expired keys? :-)

Answer 5 · 2022-06-15T13:33:50.000Z

@ilsd This key is still valid, I believe you may have changed your local gpg configuration. Here's a screenshot from the Ubuntu keyserver:

As you can see I renewed my GPG key prior to expiry in 2017.