Multiple signatures after import.
Yenot
yenot@sec.to
Sun Apr 13 10:21:02 2003
--------------Boundary-00=_WKV9JGPOS2BMKK9K7XPU
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 11 April 2003 11:55 pm, David Shaw wrote:
> On Wed, Apr 09, 2003 at 06:34:08PM +0400, Yenot wrote:
> > I actually have seen this. It may not be related to the original
> > poster's problem, but here's a way to create a UID with multiple
> > self signatures (GnuPG 1.2.1):
> >
> > 1) edit one of your keys
> > 2) add a new UID
> > 3) add *the same* UID again (do not exit after step 2)
> > 4) now exit
> >
> > GnuPG will merge the two UID's, but it will not merge the two self
> > signatures.
> >
> > The signatures are in fact different, because their creation time
> > is not identical. PGP 8.02 always retains such signatures, but
> > GnuPG considers them duplicates and [usually] merges them.
>
> No. GnuPG will never remove a signature if it is not byte-for-byte
> identical with an existing signature. Two signatures with two
> different creation dates are not indentical and are not merged.
>
> The behavior you cite above is a feature, not a bug.
I did some more testing. To me, it looks like GnuPG 1.2.1 *is*
merging non byte-for-byte signatures -- but the result depends
on the order of operations.
For a test case, I've attached "bob1.asc" and "bob2.asc". Both
files contain the same key for UID "bob@test.com". In both files
there is a single self-signature on the UID, but the self-signature
in "bob1.asc" has a creation date 13 seconds before the signature
in "bob2.asc".
gpg --import bob1.asc bob2.asc [Keeps both signatures.]
gpg --import bob2.asc bob1.asc [Removes older signature in bob1.asc]
Make sure to "gpg --delete-key bob@test.com" between tests!
- Yenot
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+mRkkP247TY29IxARAlY0AJ9XbX5cFYRMTT7GACW8oByXuM4RlQCfZOg7
utAnFiYLjNfpGFZXdVA9fGI=
=SJZA
-----END PGP SIGNATURE-----
--------------Boundary-00=_WKV9JGPOS2BMKK9K7XPU
Content-Type: application/pgp-encrypted;
name="bob1.asc"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="bob1.asc"
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (GNU/Linux)
mQFCBD6YqiYRAwC5xkqOmBfDd23+3tBQSlijmDLBnYAtmsPfidiRapj0nV1BFX7g
RB0RSXT7bbrIStfekEdH7LiF0qBy4k36JNHDBqAiNuBBY/IYo96k5lJ0pFg+WMBP
Qvp+dgKceZ4b6acAoP+129f8nu/F0fuU4Nbg+2ZBU7ptAwCrn9Mod46Welc4uSRO
gKh1dx/6JleeE376NuolA9f2UDn/lzQ7NBdycC8FwNM7+uT58fAkKczcBYA/2y8g
xLuA5cU8Xn9seBmxAUntGD/ZE+WLOWKcdR+iVROQMUU4QEgC/ROeUC6nZcooWxHD
A1G6dFediOW8XVbR52n5Oo+PFOns5MkdKU/SLnbqyti6TN+gwo9nhzBc/J1R5IvL
AVDcK5vtgoFIbLdOdDI+ulejUKi0aBnUAxTQgUQ0xPnRD+Vb/7QXQm9iIFRlc3Qg
PGJvYkB0ZXN0LmNvbT6IXQQTEQIAHQUCPpiqYwIbAwULBwMCAQMVAgMDFgIBAh4B
AheAAAoJEC2YwBO0M4+cwxkAnjt0d07Kp8FpyRiKSxoXPBh+kGl3AKCq073c8JR9
zKJz4+xafelzcnSIWg==
=NAdz
-----END PGP PUBLIC KEY BLOCK-----
--------------Boundary-00=_WKV9JGPOS2BMKK9K7XPU
Content-Type: application/pgp-encrypted;
name="bob2.asc"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="bob2.asc"
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (GNU/Linux)
mQFCBD6YqiYRAwC5xkqOmBfDd23+3tBQSlijmDLBnYAtmsPfidiRapj0nV1BFX7g
RB0RSXT7bbrIStfekEdH7LiF0qBy4k36JNHDBqAiNuBBY/IYo96k5lJ0pFg+WMBP
Qvp+dgKceZ4b6acAoP+129f8nu/F0fuU4Nbg+2ZBU7ptAwCrn9Mod46Welc4uSRO
gKh1dx/6JleeE376NuolA9f2UDn/lzQ7NBdycC8FwNM7+uT58fAkKczcBYA/2y8g
xLuA5cU8Xn9seBmxAUntGD/ZE+WLOWKcdR+iVROQMUU4QEgC/ROeUC6nZcooWxHD
A1G6dFediOW8XVbR52n5Oo+PFOns5MkdKU/SLnbqyti6TN+gwo9nhzBc/J1R5IvL
AVDcK5vtgoFIbLdOdDI+ulejUKi0aBnUAxTQgUQ0xPnRD+Vb/7QXQm9iIFRlc3Qg
PGJvYkB0ZXN0LmNvbT6IXQQTEQIAHQUCPpiqcAIbAwULBwMCAQMVAgMDFgIBAh4B
AheAAAoJEC2YwBO0M4+cT8oAoKNWDDT5cHeNOQKLwVNSNlZTYQsaAKDwkNAWYrVv
ckgrsw3DXZ6UMuTuMA==
=lmLA
-----END PGP PUBLIC KEY BLOCK-----
--------------Boundary-00=_WKV9JGPOS2BMKK9K7XPU--