diff --git a/g10/ChangeLog b/g10/ChangeLog
index 6184c5422..ca52ac697 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,18 @@
+2002-12-01 David Shaw
+
+ * keyedit.c (menu_expire): Don't lose key flags when changing the
+ expiration date of a subkey. This is not the most optimal
+ solution, but it is minimal change on the stable branch.
+
+ * main.h, keygen.c (do_copy_key_flags): New function to copy key
+ flags, if any, from one sig to another.
+ (do_add_key_expire): New function to add key expiration to a sig.
+ (keygen_copy_flags_add_expire): New version of
+ keygen_add_key_expire that also copies key flags.
+ (keygen_add_key_flags_and_expire): Use do_add_key_expire.
+
+ * import.c (fix_hkp_corruption): Comment.
+
 2002-11-23 David Shaw
 * g10.c (add_notation_data): Disallow notation names that do not
diff --git a/g10/import.c b/g10/import.c
index efc104ffa..92ca8310e 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -493,6 +493,10 @@ fix_hkp_corruption(KBNODE keyblock)
 sknode->next=node;
 last->next=NULL;
+ /* Note we aren't checking whether this binding sig is a
+ selfsig. This is not necessary here as the subkey and
+ binding sig will be rejected later if that is the
+ case. */
 if(check_key_signature(keyblock,node,NULL))
 {
 /* Not a match, so undo the changes. */
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 0ee74e0b0..f21906e05 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -2531,9 +2531,14 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 sk, 0x13, 0, 0, 0, 0,
 keygen_add_std_prefs, main_pk );
 else
+ {
+ struct flags_expire fe;
+ fe.pk=sub_pk;
+ fe.sig=sig;
 rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
 sk, 0x18, 0, 0, 0, 0,
- keygen_add_key_expire, sub_pk );
+ keygen_copy_flags_add_expire,&fe);
+ }
 if( rc ) {
 log_error("make_keysig_packet failed: %s\n",
 g10_errstr(rc));
diff --git a/g10/keygen.c b/g10/keygen.c
index 87a371702..dc70a8a35 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
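Review bot: In import.c's fix_hkp_corruption hunk, the new comment ends with "will be rejected later if that is the case", which can be read as "rejected if it is a selfsig", the opposite of what is presumably meant. Wording it as `binding sig will be rejected later if it is not one. */` would remove the ambiguity. It would also help to say that the selfsig check is skipped because the third argument to `check_key_signature` is NULL, if that is indeed what the NULL means. The function body continues outside the hunk.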
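Review bot: In keyedit.c's menu_expire hunk, `fe.sig=sig;` hands the existing binding signature to `keygen_copy_flags_add_expire`, so whatever key flags its hashed area holds are re-issued under the fresh 0x18 signature created by `make_keysig_packet`. The hunk does not show where `sig` comes from or whether it was verified first (menu_expire starts and ends outside the hunk), so it is worth confirming that only a checked self-signature can reach this point; otherwise flags from an unverified packet in the keyring would gain a valid signature. A comment next to the assignment, e.g. `/* sig: the verified binding sig for sub_pk; its key flags are carried into newsig */`, would record that assumption. The 0x13 branch still goes through `keygen_add_std_prefs`, which takes flags from `pk->pubkey_usage` rather than from the old signature, so the two branches preserve flags by different means.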
@@ -143,34 +143,56 @@ do_add_key_flags (PKT_signature *sig, unsigned int use)
 build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
 }
+static void
+do_copy_key_flags (PKT_signature *sig, PKT_signature *oldsig)
+{
+ const byte *f;
+ size_t n;
+
+ /* Note that this will make any key flags in the unhashed area
+ disappear. This may be good or bad, depending on your point of
+ view. */
+ f=parse_sig_subpkt(oldsig->hashed,SIGSUBPKT_KEY_FLAGS,&n);
+ if(f)
+ build_sig_subpkt(sig,SIGSUBPKT_KEY_FLAGS,f,n);
+}
+
+static void
+do_add_key_expire( PKT_signature *sig, PKT_public_key *pk )
+{
+ if( pk->expiredate )
+ {
+ byte buf[4];
+ u32 u;
+
+ u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
+ : pk->timestamp;
+ buf[0] = (u >> 24) & 0xff;
+ buf[1] = (u >> 16) & 0xff;
+ buf[2] = (u >> 8) & 0xff;
+ buf[3] = u & 0xff;
+ build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
+ }
+}
 int
-keygen_add_key_expire( PKT_signature *sig, void *opaque )
+keygen_copy_flags_add_expire( PKT_signature *sig, void *opaque )
 {
- PKT_public_key *pk = opaque;
- byte buf[8];
- u32 u;
+ struct flags_expire *fe=opaque;
+ do_add_key_expire(sig,fe->pk);
+ do_copy_key_flags(sig,fe->sig);
- if( pk->expiredate ) {
- u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
- : pk->timestamp;
- buf[0] = (u >> 24) & 0xff;
- buf[1] = (u >> 16) & 0xff;
- buf[2] = (u >> 8) & 0xff;
- buf[3] = u & 0xff;
- build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
- }
-
- return 0;
+ return 0;
 }
 static int
 keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
 {
- struct opaque_data_usage_and_pk *oduap = opaque;
+ struct opaque_data_usage_and_pk *oduap = opaque;
- do_add_key_flags (sig, oduap->usage);
- return keygen_add_key_expire (sig, oduap->pk);
+ do_add_key_flags (sig, oduap->usage);
+ do_add_key_expire(sig,oduap->pk);
+ return 0;
 }
 static int
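Review bot: In `do_add_key_expire`, the fallback arm `: pk->timestamp;` stores the key's creation time as the validity period whenever `expiredate` is not later than `timestamp`, so an expiration date in the past produces a subpacket that reads as a very long lifetime (assuming `timestamp` is seconds since the epoch) rather than an expired key. The expression is carried over unchanged from the removed `keygen_add_key_expire`, but now that it lives in its own helper it should have a comment stating why that fallback is wanted, or the case should be rejected before the subpacket is built; whether any caller can pass such a value is not visible here. Separately, `do_copy_key_flags` reads `oldsig->hashed` unconditionally, so a contract line above it such as `/* oldsig must be non-NULL and already verified; only hashed-area flags are copied. */` would make the precondition explicit.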
@@ -474,7 +496,7 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
 byte buf[8];
 do_add_key_flags (sig, pk->pubkey_usage);
- keygen_add_key_expire( sig, opaque );
+ do_add_key_expire (sig, pk);
 keygen_upd_std_prefs (sig, opaque);
 buf[0] = 0x80; /* no modify - It is reasonable that a key holder
diff --git a/g10/main.h b/g10/main.h
index 466d74a1f..5584e8655 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -127,7 +127,12 @@ u32 ask_expiredate(void);
 void generate_keypair( const char *fname );
 int keygen_set_std_prefs (const char *string,int personal);
 char *keygen_get_std_prefs (void);
-int keygen_add_key_expire( PKT_signature *sig, void *opaque );
+struct flags_expire
+{
+ PKT_public_key *pk;
+ PKT_signature *sig;
+};
+int keygen_copy_flags_add_expire( PKT_signature *sig, void *opaque );
 int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
 int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
 int keygen_add_revkey(PKT_signature *sig, void *opaque);
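Review bot: In the main.h hunk, `struct flags_expire` enters a shared header with no comment on what its two members mean, and `keygen_copy_flags_add_expire` receives it through `void *opaque`, so the compiler cannot catch a caller that still passes a bare `PKT_public_key *` as the old `keygen_add_key_expire` expected. Renaming the function does make stale callers fail to build, which covers the callers this diff converts; any others are not visible here. A comment above the struct such as `/* opaque for keygen_copy_flags_add_expire: pk supplies the expiration, sig is the old signature whose hashed key flags are copied */` would document the contract where callers will look for it.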