Global Directory signatures (was Re: GPG wants to check trustdb every day)

Jason Harris jharris at widomaker.com
Wed Dec 29 06:47:22 CET 2004


On Tue, Dec 28, 2004 at 11:44:21PM -0500, David Shaw wrote:

> The GD doesn't support no-modify either.

It is enforcing something.  It won't take any new signatures on its own
key, 0xCA57AD7C, and the only signatures it has on your key, 0x99242560,
all seem to be from other keys it has stored.

Also, it doesn't necessarily wait until its last signature expires before
issuing a new one:

  [pull key from GD]
  %gpg --check-sigs 99242560
  ...
  sig!         CA57AD7C 2004-12-29  PGP Global Directory Verification Key
  sig!         CA57AD7C 2004-12-29  PGP Global Directory Verification Key
  ...

  [delete key, pull it from kjsl]
  %gpg --check-sigs 99242560
  ...
  sig!         CA57AD7C 2004-12-29  PGP Global Directory Verification Key
  sig!         CA57AD7C 2004-12-29  PGP Global Directory Verification Key
  sig!         CA57AD7C 2004-12-21  PGP Global Directory Verification Key
  sig!      X  CA57AD7C 2004-12-08  PGP Global Directory Verification Key
  ...

-- 
Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web:  http://keyserver.kjsl.com/~jharris/
          Got photons?   (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 309 bytes
Desc: not available
Url : /pipermail/attachments/20041229/eda6ebc0/attachment.bin


More information about the Gnupg-users mailing list