dealing with misplaced signatures

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Aug 1 18:33:37 CEST 2012


On 08/01/2012 12:44 AM, David Shaw wrote:
> hiding the packets is potentially harmful.  [...] 
> hiding the packets from GPG prevents this repair from happening.
> After all, if GPG doesn't get the packets, it can't move them to the
right place.  > This means the signatures are effectively lost,

fwiw, in the cases where i've seen this, the packets in question are
*already* in the correct place, they just happen to *also* be in the
incorrect place, causing noise.

We don't support "fixing" the problem where someone submits a signature
packet after the wrong User ID, or attached to the wrong key entirely,
and i don't believe we should.  Submitting the packets in the correct
order for them to be properly interpreted is the job of the key
uploader, not the job of the keyservers.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120801/7f0a80ed/attachment.pgp>


More information about the Gnupg-devel mailing list