A bug or a misfeature?
JanuszA.Urbanowicz
JanuszA.Urbanowicz
Mon Jul 16 00:56:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have find a deficiency in --edit-key option:
The environment is:
Subshell:alex@sword:[~]:115:> gpg --version
gpg (GnuPG) 1.0.6
Copyright (C) 2001 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Home: ~/.gnupg
Supported algorithms:
Cipher: IDEA, 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256,
TWOFISH
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Hash: MD5, SHA1, RIPEMD160, TIGER192
There are following keys:
Subshell:alex@sword:[~]:151:> gpg -kvv F9289982
pub 1024D/F9289982 1997-10-13 Szymon Sokol <szymon@bofh.net.pl>
sig F9289982 1998-03-06 Szymon Sokol <szymon@bofh.net.pl>
uid Szymon Sokol <szymon@uci.agh.edu.pl>
sig F9289982 1997-10-13 Szymon Sokol <szymon@bofh.net.pl>
sig 21939169 1997-10-31 Janusz A. Urbanowicz (notebook) <alex@sword>
uid Szymon Sokol <szymon@bci.krakow.pl>
sig F9289982 1998-03-06 Szymon Sokol <szymon@bofh.net.pl>
sub 2048g/BF1B0226 1997-10-13
sig F9289982 1997-10-13 Szymon Sokol <szymon@bofh.net.pl>
Subshell:alex@sword:[~]:152:> gpg -kvv 56A1520D
pub 1024R/56A1520D 1995-04-23 Tomasz R. Surmacz <ts@wroc.apk.net>
sig 56A1520D 1996-08-08 Tomasz R. Surmacz <ts@wroc.apk.net>
[...]
sig 61094A7D 1996-08-08 Szymon Sokol <szymon@uci.agh.edu.pl>
sig 21939169 2001-06-26 Janusz A. Urbanowicz (notebook) <alex@sword>
[...]
Subshell:alex@sword:[~]:150:> gpg -kvv jwr
pub 1024R/C38B2AAD 1995-06-22 Jan Rychter <jwr@rgstudio.com.pl>
sig 56A1520D 1996-08-08 Tomasz R. Surmacz <ts@wroc.apk.net>
sig F9289982 1998-03-10 Szymon Sokol <szymo n@bofh.net.pl>
[...]
So I signed 56A1520D and F9289982 and users of those keys both signed
C38B2AAD. A classical Web Of Trust situation.
Then I do the following:
Subshell:alex@sword:[~]:156:> gpg --edit-key C38B2AAD
gpg (GnuPG) 1.0.6; Copyright (C) 2001 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
pub 1024R/C38B2AAD created: 1995-06-22 expires: never trust: -/m
(1). Jan Rychter <jwr@rgstudio.com.pl>
(2) Jan Rychter <jwr@itc.pw.edu.pl>
Command> trust
pub 1024R/C38B2AAD created: 1995-06-22 expires: never trust: -/m
(1). Jan Rychter <jwr@rgstudio.com.pl>
(2) Jan Rychter <jwr@itc.pw.edu.pl>
Please decide how far you trust this user to correctly
verify other users' keys (by looking at passports,
checking fingerprints from different sources...)?
1 = Don't know
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
s = please show me more information
m = back to the main menu
Your decision? s
Certificates leading to an ultimately trusted key:
Your decision?
This should show at least one path to one of my keys which it is not doing.
Am I misunderstanding this feature or there is something wrong with the path
calculation?
Alex
- --
Janusz A. Urbanowicz | ALEX3-RIPE | SF-Framling | Thawte Web Of Trust Notary
Gdy daję biednym chleb, nazywają mnie świętym. Gdy pytam,
dlaczego biedni nie mają chleba, nazywają mnie komunistą. - abp. Helder Camara
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Dalsze informacje znajdują się na http://www.gnupg.org/
iEYEARECAAYFAjtSDGMACgkQTfkBjn4ugD29CgCdEkaPeUZNGFeUfrUiPMOlhsJQ
DokAn32+HXVDcKohVLd5cqHfPLUtKtrS
=KwlS
-----END PGP SIGNATURE-----