keyids in signatures getting corrupted, GPG and/or Debian problem?

David Shaw dshaw at jabberwocky.com
Thu Apr 1 22:34:26 CEST 2004


On Thu, Apr 01, 2004 at 02:32:14PM -0500, Jason Harris wrote:
> > All of that said, I'm not too worried about this.  It's annoying, but
> > ultimately harmless.  The corrupt sig will not validate (though the
> > sig itself is actually good, the bad issuer means the key that issued
> > it will never be found), so it will be ignored.
> 
> Except where the issuer is irrelevant.

I'm afraid I don't follow that comment.  The issuer is always
relevant, as it is used to find the key that issued the signature.

David



More information about the Gnupg-devel mailing list