Multiple signatures after import.
Yenot
yenot at sec.to
Sun Apr 13 11:21:02 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 11 April 2003 11:55 pm, David Shaw wrote:
> On Wed, Apr 09, 2003 at 06:34:08PM +0400, Yenot wrote:
> > I actually have seen this. It may not be related to the original
> > poster's problem, but here's a way to create a UID with multiple
> > self signatures (GnuPG 1.2.1):
> >
> > 1) edit one of your keys
> > 2) add a new UID
> > 3) add *the same* UID again (do not exit after step 2)
> > 4) now exit
> >
> > GnuPG will merge the two UID's, but it will not merge the two self
> > signatures.
> >
> > The signatures are in fact different, because their creation time
> > is not identical. PGP 8.02 always retains such signatures, but
> > GnuPG considers them duplicates and [usually] merges them.
>
> No. GnuPG will never remove a signature if it is not byte-for-byte
> identical with an existing signature. Two signatures with two
> different creation dates are not indentical and are not merged.
>
> The behavior you cite above is a feature, not a bug.
I did some more testing. To me, it looks like GnuPG 1.2.1 *is*
merging non byte-for-byte signatures -- but the result depends
on the order of operations.
For a test case, I've attached "bob1.asc" and "bob2.asc". Both
files contain the same key for UID "bob at test.com". In both files
there is a single self-signature on the UID, but the self-signature
in "bob1.asc" has a creation date 13 seconds before the signature
in "bob2.asc".
gpg --import bob1.asc bob2.asc [Keeps both signatures.]
gpg --import bob2.asc bob1.asc [Removes older signature in bob1.asc]
Make sure to "gpg --delete-key bob at test.com" between tests!
- Yenot
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+mRkkP247TY29IxARAlY0AJ9XbX5cFYRMTT7GACW8oByXuM4RlQCfZOg7
utAnFiYLjNfpGFZXdVA9fGI=
=SJZA
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bob1.asc
Type: application/pgp-encrypted
Size: 719 bytes
Desc: not available
Url : /pipermail/attachments/20030413/16b8ac77/bob1.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bob2.asc
Type: application/pgp-encrypted
Size: 719 bytes
Desc: not available
Url : /pipermail/attachments/20030413/16b8ac77/bob2.bin
More information about the Gnupg-devel
mailing list