keyids in signatures getting corrupted,
GPG and/or Debian problem?
dshaw at jabberwocky.com
Thu Apr 1 22:34:26 CEST 2004
On Thu, Apr 01, 2004 at 02:32:14PM -0500, Jason Harris wrote:
> > All of that said, I'm not too worried about this. It's annoying, but
> > ultimately harmless. The corrupt sig will not validate (though the
> > sig itself is actually good, the bad issuer means the key that issued
> > it will never be found), so it will be ignored.
> Except where the issuer is irrelevant.
I'm afraid I don't follow that comment. The issuer is always
relevant, as it is used to find the key that issued the signature.
More information about the Gnupg-devel