cannot import key

David Shaw dshaw at
Mon Aug 13 04:15:02 CEST 2001

On Sun, Aug 12, 2001 at 07:20:59PM +0200, Werner Koch wrote:
> On Fri, 10 Aug 2001 17:29:28 -0400, David Shaw said:
> > Notice the two different creation dates.  The digest data is different
> > as well.  The first of these two sigs is the bad one.  Can you think
> > of any reason the key might have been self-signed at two different
> > times?  (Changing the expiration on the key can do this).
> There are a couple of reasons why you want a new self signature, like
> adding other notation data or changing the preferences.  An
> implementation should use the latest self-signature and ignore
> others.  It should even be possible to revoke a user ID revocation
> (e.g. dropping out of a company and getting back later).

Oh sure, I was just answering the original poster's question why he
can't import his key.  The answer is that he has two copies of it out
there, with two different self-sigs, one of which is a bad signature
for whatever reason.

Ideally, the keyservers would have merged the two keys into one, thus
resulting in two self-sigs, one of which would be valid.


   David Shaw  |  dshaw at  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

More information about the Gnupg-devel mailing list