multiple copies of the self-signature on the key
David Shaw
dshaw at jabberwocky.com
Wed Jun 14 14:05:22 CEST 2006
On Wed, Jun 14, 2006 at 12:29:03PM +0200, Janusz A. Urbanowicz wrote:
> Hi, I am under an impression I reported that some time (~2 years) ago:
>
> I have a setup where I send (and update) my pubkey to remote amchines
> by downloading it from the keyserver network. Over time, preferences
> are updated, subkeys are crosscertified. And new and new
> self-signatures deposite on the key with old not being flushed. What
> can I do with that?
You can't stop the keyservers from storing all copies of your
selfsig. They have no crypto support so have no way to tell which (if
any) is the "right" one to keep.
In GPG, if you set:
import-options import-clean
keyserver-options import-clean
You'll automatically strip out the unusable selfsigs (as well as
unusable other stuff like multiple expired signatures) upon import.
You can do the same on a key by key basis with --edit-key and the
"clean" command.
David
More information about the Gnupg-devel
mailing list