Joachim Breitner's Homepage
Finding revoked signatures on a gpg key
The Gnu Pricacy Guard seems to have the default option of setting an expiry date when the signed key has such a date. My gpg key used to have such an expiry day when I went to the first keysigning parties (LinuxTag, DebConf 3). I have removed the expiry date later, but still a lot of signatures are now no longer valid: While I have signed 310 keys, my key is currently (pre-DebConf 7) only has 170 valid signatures.
Tonight I wanted to find out what keys are these exactly, and after quite some trial and error I found a way to get that data, using only “real old unix tools” such as awk
, sort
, join
:
gpg --list-options show-sig-expire --fixed-list-mode --with-colons --list-sigs nomeata > my-sigs-col cat my-sigs-col |awk -F: '$1 == "sig" && $7 != "" { print }' | sort -k 5,5 -t : -u > expired cat my-sigs-col |awk -F: '$1 == "sig" && $7 == "" { print }' | sort -k 5,5 -t : -u > non-expired join -v 1 -t : -j 5 expired non-expired > only-expired
Maybe I will use that list some time after DebConf7 to mail all these people, asking them to remove or update the expiry date from their signature.
Have something to say? You can post a comment by sending an e-Mail to me at <mail@joachim-breitner.de>, and I will include it here.