dealing with misplaced signatures
guninski at guninski.com
Tue Jul 31 07:39:57 CEST 2012
Was the sig of the subkey made with vanilla gpg or was it manipulated?
On Mon, Jul 30, 2012 at 06:29:52PM -0400, Daniel Kahn Gillmor wrote:
> Clint Adams reports in http://bugs.debian.org/683339:
> This key has two signatures on a subkey:
> gpg --edit-key will correctly detect them as being in the wrong place,
> and move them to another wrong place, unless the uid/uat being moved
> to happens to be the target of the signature.
> Since sks appears to be buggy, those signatures will remain on the
> subkey, and be replaced on a --recv-keys or --refresh. Then
> a subsequent --edit-key will move them again.
> It would be nice if something could prevent these things from happening.
> The "sks appears to be buggy" remark refers to the fact that sks appears
> to allow certain types of signature in places that they don't make sense:
> This is why sks is willing to return regular identity certification
> packets after a subkey binding cert.
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
More information about the Gnupg-devel