signature question

Joe Vender jvender at owensboro.net
Thu Jun 29 01:23:28 CEST 2006 

Using GnuPG 1.4.4
Is this normal GnuPG behavior or a bug?

When I create a key pair and then list the signatures, I get:

***
pub   4096R/6E9F8409 6/28/2006 [expires: 6/27/2010]
      Key fingerprint = 6942 5BE1 FCDD C366 821C  A1A1 3664 1DBF 6E9F 8409
-------------
uid                  Joe Vender <jvender at owensboro.net>
sig 3        6E9F8409 6/28/2006  Joe Vender <jvender at owensboro.net>
*************
sub   4096R/90072DEF 6/28/2006 [expires: 6/27/2010]
sig          6E9F8409 6/28/2006  Joe Vender <jvender at owensboro.net>
***


If I then export the keypair, delete the original keypair from the ring,
and reimport the exported keypair and list signatures, I get:

***
pub   4096R/6E9F8409 6/28/2006 [expires: 6/27/2010]
      Key fingerprint = 6942 5BE1 FCDD C366 821C  A1A1 3664 1DBF 6E9F 8409
-------------
uid                  Joe Vender <jvender at owensboro.net>
sig 3        6E9F8409 6/28/2006  Joe Vender <jvender at owensboro.net>
*************
sub   4096R/90072DEF 6/28/2006 [expires: 6/27/2010]
sig          6E9F8409 6/28/2006  Joe Vender <jvender at owensboro.net>
sig          6E9F8409 6/28/2006  Joe Vender <jvender at owensboro.net>
***

It always picks up an extra signature on the subkey. If I then export
the keypair again and import, there is still just two sigs on the
subkey. It doesn't pick up additional sigs on the subkey after
subsequent exports/imports of the keypair.

Looking at the PGP packets on the subkey:

***
Old: Public Subkey Packet(tag 14)(523 bytes)
	Ver 4 - new
	Public key creation time - Wed Jun 28 16:07:25 DST 2006
	Pub alg - RSA Encrypt or Sign(pub 1)
	RSA n(4096 bits) - ...
	RSA e(6 bits) - ...
Old: Signature Packet(tag 2)(549 bytes)
	Ver 4 - new
	Sig type - Subkey Binding Signature(0x18).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA1(hash 2)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
		Time - Wed Jun 28 16:07:25 DST 2006
	Hashed Sub: key flags(sub 27)(1 bytes)
		Flag - This key may be used to encrypt communications
		Flag - This key may be used to encrypt storage
	Hashed Sub: key expiration time(sub 9)(4 bytes)
		Time - Sun Jun 27 16:07:25 DST 2010
	Sub: issuer key ID(sub 16)(8 bytes)
		Key ID - 0x36641DBF6E9F8409
	Hash left 2 bytes - 1c 11
	RSA m^d mod n(4095 bits) - ...
		-> PKCS-1
Old: Signature Packet(tag 2)(549 bytes)
	Ver 4 - new
	Sig type - Subkey Binding Signature(0x18).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA1(hash 2)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
		Time - Wed Jun 28 16:07:27 DST 2006
	Hashed Sub: key flags(sub 27)(1 bytes)
		Flag - This key may be used to encrypt communications
		Flag - This key may be used to encrypt storage
	Hashed Sub: key expiration time(sub 9)(4 bytes)
		Time - Sun Jun 27 16:07:25 DST 2010
	Sub: issuer key ID(sub 16)(8 bytes)
		Key ID - 0x36641DBF6E9F8409
	Hash left 2 bytes - 25 0c
	RSA m^d mod n(4095 bits) - ...
		-> PKCS-1
***

More information about the Gnupg-devel mailing list