Software Current Tests - Bug 911 (GPG key expired bug)

Background Informations, Instructions

Testserver 1: http://cacert1.it-sls.de


Instructions and Sample Test Matrix for Software Testers

Introduction

In the error case users received expired GPG keys in the view GPG keys list with date set "1971-01-02" in expires field with realy fresh new created GPG keys, expiry date set or not at built time.

CAcert's points system for Assuree's and Assurers is as follows:

The GPG key and the Expiry date shown in GPG view keys list

A note towards the expire date as shown by CAcert: There is a bug which has hopefully been fixed on the test system but from what I gather from the comments above there is also a misunderstanding:

The expiry date shown is not that of the key itself but of the Signature of CAcert.
That means your key will still be valid in general but the signature that CAcert did on your key will expire so you just have to resign it to get a valid signature again.

Unfortunately most GUI tools don't show the expiration of a signature.
On the command line you can check out the validity of the signatures on a key by running
"gpg --check-sigs <key-ID>". The "X" indicates an eXpired signature.

Preliminaries

For this test you'll need:

Instructions to create pgp test keys

Test Matrix for Testers

  1. create a new key, set expire option to '0'
  2. create a new key, set expire option > '0' (days, weeks, months, years)

  3. variations in used algorythm
  4. variations in key-length

Reporting

Report the results under:

of each step you walk thru

Add the used parameters in key generation to the report

report about 5 lines from the signed key:
Output -> gpg -vv your-signed-key.gpg
that includes the "md5len" and "critical hashed subpkt" lines

sample:

Additional Tests

find yourself addtl. test variations ...

Happy testing


Software/CurrentTest/bug911 (last edited 2011-07-21 15:41:33 by UlrichSchroeter)