GPG key expiration and keyservers
 

Hi,

I'm currently writing a little HOWTO on GPG: creating and managing keypairs, encrypting, decrypting, signing, etc. I have a few test users (alice, bob, mallory) on a local machine, with a few dummy keypairs.

I know it's bad practice to upload test keys to public keyservers. But then, I wonder what happens if I define a very short period of validity for these, like a couple days or a week? If I upload such a key to a keyserver and it expires after a week, will its record disappear from the keyservers? Or will it stay there eternally like that half dozen test keys I created over the last ten years and that litter the landscape like discarded plastic bottles?

Cheers,

Niki

Mit pgp keyserver doesn't have an option to delete your keys
You can only revoke it
Normally people will set it to no expiry date

But I think it should be considered good practice to set a expiry date. If you don't set it and you loose your revocation and your private key, your key will linger uselessly on the keyservers forever. All my keys have a expiry date set. If I approach the date, I just change it and push the new version to the key servers. This should work.

Thank you, but that was not the question. Let me formulate it differently.

If I create a key with an expiration date of, say, one week, and upload this key to a keyserver, will the key automagically disappear from the keyserver after a week? Because I checked for revoked keys, and they seem to stay there forever.

It will not be deleted. Even expired keys have most likely been used before and therefore should be available for eternity.