trustdb is not updated without ultimately trusted keys
Peter Palfrader
gnupg-devel=gnupg.org at lists.palfrader.org
Sat Nov 29 06:29:37 CET 2003
Since Debian's package tracking system seems to be down, I'll let you
know directly of this small bug in gnupg 1.2.3:
GnuPG does not recompute the trustdb if there are no ultimately trusted
keys left.
(
set -e
mkdir test-gpg;
chmod go-rwx test-gpg;
cd test-gpg
export GNUPGHOME=.
echo 'keyserver sks.keyserver.penguin.de' > gpg.conf
gpg --recv 94c09c7f
gpg --with-colons --list-key
echo '5B00C96D5D54AEE1206BAF84DE7AAF6E94C09C7F:6:' | gpg --import-ownertrust
gpg --with-colons --list-key
echo '5B00C96D5D54AEE1206BAF84DE7AAF6E94C09C7F:3:' | gpg --import-ownertrust
gpg --with-colons --list-key
cd ..
rm -rf test-gpg
) 2>/dev/null | grep '^pub'
Gives
pub:-:1024:17:DE7AAF6E94C09C7F:1999-11-10:::-:Peter Palfrader::scESC:
pub:u:1024:17:DE7AAF6E94C09C7F:1999-11-10:::u:Peter Palfrader::scESC:
pub:u:1024:17:DE7AAF6E94C09C7F:1999-11-10:::n:Peter Palfrader::scESC:
Note that the last line still has ultimate trust for the key.
(That's debian bug #222368, so you can Cc 222368 at bugs.debian.org if you
want)
Peter
--
PGP signed and encrypted | .''`. ** Debian GNU/Linux **
messages preferred. | : :' : The universal
| `. `' Operating System
http://www.palfrader.org/ | `- http://www.debian.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20031129/7d8ba2af/attachment.bin
More information about the Gnupg-devel
mailing list