Wrong signature on idea.c, broken link
Jason Harris
jharris at widomaker.com
Fri May 17 21:10:02 CEST 2002
On Wed, May 15, 2002 at 04:04:46PM -0400, Andy Ozment wrote:
> I'm new to gpg, so I apologize if these "bugs" are really my ignorance
> rather than a bug.
You've been using (commercial) PGP all this time? :(
> 1. In an attempt to get the idea module, I went to the page
> <http://www.gnupg.org/why-not-idea.html>
>
> I downloaded the files idea.c and idea.c.sig. I then tried to check the
> sig:
> $ gpg --verify idea.c.sig idea.c
> gpg: Warning: using insecure memory!
> gpg: please see http://www.gnupg.org/faq.html for more information
> gpg: Signature made Fri Aug 17 03:34:05 2001 EDT using DSA key ID
> 621CC013
> gpg: Can't check signature: public key not found
>
> $ gpg --list-keys
> pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn at gnu.org>
>
> It appears to me, then, that idea.c was not signed with the key that
> signed the entire distribution (57548DCD, Werner Koch). Is this
> intentional? I could not find the key that did sign the file anywhere on
> the site.
Use the keyservers, Luke!
(However, it doesn't look like Werner has cross-signed all his keys...)
pub 1024D/621CC013 1998-07-07 Werner Koch <werner.koch at guug.de>
Key fingerprint = ECAF 7590 EB34 43B5 C7CF 3ACB 6C7E E1B8 621C C013
sig? FF3EAA0B 1998-07-07 [User id not found]
sig 0C9857A5 1998-07-08 Werner Koch <werner.koch at guug.de>
sig 9265FAFB 2001-11-03 Derek Gaston <dgaston at umr.edu>
sig 513AEFD9 2000-09-25 Hans-Joerg Hoexer <hshoexer at rommel.stw.uni-erlangen.de>
sig 82957B66 2000-07-11 Hideki Saito <hideki at allcity.net>
sig C5E88112 2000-02-22 Ruediger Hahn <ruedi007 at topmail.de>
sig 5B0358A2 1999-03-15 Werner Koch <wk at gnupg.org>
sig B1CC03AA 1999-06-21 Javier Kohen <jkohen at tough.com>
sig 621CC013 1999-11-12 Werner Koch <werner.koch at guug.de>
uid Werner Koch <wk at gnupg.org>
sig 5B0358A2 2000-10-01 Werner Koch <wk at gnupg.org>
sig 621CC013 2000-11-21 Werner Koch <werner.koch at guug.de>
uid Werner Koch <wk at openit.de>
sig 513AEFD9 2000-09-25 Hans-Joerg Hoexer <hshoexer at rommel.stw.uni-erlangen.de>
sig 82957B66 2000-07-11 Hideki Saito <hideki at allcity.net>
sig 621CC013 2000-11-21 Werner Koch <werner.koch at guug.de>
sig 90F89A7D 2001-01-25 Ralf Hildebrandt <ralf.hildebrandt at innominate.com>
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com | web: http://jharris.cjb.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : /pipermail/attachments/20020517/ea55884b/attachment.bin
More information about the Gnupg-devel
mailing list