Bodo_Moeller at public.uni-hamburg.de
Thu Mar 25 15:31:27 CET 1999
On Thu, Mar 25, 1999 at 04:46:00AM +0100, Bodo Moeller wrote:
> Keys created with 0.9.3 can have
> extra self-signatures and extra self-signatures on the sub-key, which
> can work quite well for many things, but can also cause all kind of
> problems (it's just that you notice those problems too late :-( ).
0.9.5 seems to fix that problem.
All this made me notice that some important functionality seems to be
missing in GnuPG: The ability to view a file with extracted keys as per
"--list-sigs"/"-kvv" instead of the short "--list-keys"/"-kv" format
("--keyring" helps only if the file is not armored); and the ability
to import only selected keys or even only selected signatures from a
key file. (Plus, as already noted, some possibility to delete
selected signatures from a key in the keyring.)
> I neither can delete that key nor import it into a
> fresh .gnupg directory, whereas I could import it into some other
This appears to have been a bug fixed with 0.9.4 (but pgpacket gives
strange output for keys exported from 0.9.4 and for pubring.gpg --
no problem there with 0.9.4).
GnuPG 0.9.5 now ignores the misplaced subkey signature, but it imports
the additional self-signatures for the main key and for the subkey.
To import only the correct signatures, I had to export and delete the
key (which requires deleting the secret key first, so I made a copy of
the secring), and then I removed the "bad" signature packets in emacs,
imported the edited key, and finally imported the copy of secring.gpg.
There really should be an easier way to do things like that :-)
More information about the Gnupg-devel