cannot import key

[Werner Koch]

On Fri, 10 Aug 2001 17:29:28 -0400, David Shaw said:

> Notice the two different creation dates.  The digest data is different
> as well.  The first of these two sigs is the bad one.  Can you think
> of any reason the key might have been self-signed at two different
> times?  (Changing the expiration on the key can do this).

There are a couple of reasons why you want a new self signature, like
adding other notation data or changing the preferences.  An
implementation should use the latest self-signature and ignore
others.  It should even be possible to revoke a user ID revocation
(e.g. dropping out of a company and getting back later).

The current CVS code of GnuPG allows to change the primary key or the
preferences and therefore it has to create a new self-signature.
Actually GnuPG sets the timestamp of the sef-signature just
one second ahead to mark it newer.

   Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus