dealing with misplaced signatures

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jul 31 17:13:21 CEST 2012


On 07/31/2012 01:39 AM, Georgi Guninski wrote:
> Was the sig of the subkey made with vanilla gpg or was it manipulated?

Examining the sig, it happens to be byte-for-byte identical with a sig
on one of the User IDs.

As a result of gpg's (faulty) moving of the sig to the last user ID, we
see the same sig show up after several of the User IDs as well.

Observe all the places where this particular sig shows up:

$ gpg --export 0xED34CEABE27BAABC | gpgsplit
$ md5sum * | egrep  '(^848762|(attribute|id|key)$)'
95687f448844ff7144ae806a3d44059e  000001-006.public_key
f92637abe07b5fe3fcc48c384703c932  000002-013.user_id
925db22aabd790504bb80b8d0e1a6202  000019-013.user_id
8487624d4fd7292872c7de2c83ec895d  000041-002.sig
580775fce5bd929da507fc031969b891  000044-013.user_id
8487624d4fd7292872c7de2c83ec895d  000046-002.sig
12086b15b600f899937a91ec7fac99a7  000048-013.user_id
565800d7a2d5c675622a03829c9d8ef5  000090-013.user_id
ab2cf4addd27785fdbef507767d769a8  000134-013.user_id
0537fb472a556e7f441909014a5cb133  000156-013.user_id
cc5f36051c98ac72364e950ab0f18bf5  000191-013.user_id
8487624d4fd7292872c7de2c83ec895d  000194-002.sig
714723044960babc2a8ccaff426099f3  000196-013.user_id
b5e8df1259ef36974559aa865719ee63  000243-013.user_id
8487624d4fd7292872c7de2c83ec895d  000284-002.sig
0a15d0f11daff87b908ecc0e8aebbc0d  000289-013.user_id
e1aa33ca83b5d2f629ddb216c50c88c0  000340-013.user_id
8487624d4fd7292872c7de2c83ec895d  000385-002.sig
af4faed7d2101b27fdd0fb4ca819f420  000389-017.attribute
8487624d4fd7292872c7de2c83ec895d  000426-002.sig
7b65f1bbcf1c826bafec1b829d6b9530  000430-014.public_subkey
9c2e77755a1e3cce68d1f0d302f361fd  000432-014.public_subkey
8487624d4fd7292872c7de2c83ec895d  000435-002.sig
$

	--dkg
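
The same check as the gpgsplit/md5sum session above, as an added example that is not part of the original message and not GnuPG code: it splits a binary OpenPGP export into packets (RFC 4880 framing) and reports every signature packet that is byte-for-byte identical to another, together with the component each copy follows. The names split_packets, repeated_sigs and pkt are hypothetical, SAMPLE is constructed (framing only, not real key material), and SHA-256 stands in for md5sum.

```python
import hashlib
from collections import defaultdict

# OpenPGP packet tags (RFC 4880 section 4.3) seen in the listing above
TAGS = {2: "sig", 6: "public_key", 13: "user_id", 14: "public_subkey", 17: "attribute"}

def split_packets(data):
    """Yield (tag, raw_packet_bytes) for each packet in a binary OpenPGP stream."""
    i = 0
    while i < len(data):
        start, hdr = i, data[i]
        if not hdr & 0x80:
            raise ValueError("bad packet header at offset %d" % i)
        if hdr & 0x40:  # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:
                length, i = first, i + 2
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths not handled")
        else:  # old-format header: low two bits select the length field size
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            n = 1 << ltype
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        i += length
        if i > len(data):
            raise ValueError("truncated packet at offset %d" % start)
        yield tag, data[start:i]

def repeated_sigs(data):
    """Map digest of each sig packet seen more than once to the components it follows."""
    seen, owner = defaultdict(list), None
    for n, (tag, raw) in enumerate(split_packets(data), 1):
        if tag == 2:
            seen[hashlib.sha256(raw).hexdigest()].append(owner)
        elif tag in TAGS:  # name the component the way gpgsplit names its files
            owner = "%06d-%03d.%s" % (n, tag, TAGS[tag])
    return {h: o for h, o in seen.items() if len(o) > 1}

def pkt(tag, body):
    """Build one constructed packet with an old-format, one-octet-length header."""
    return bytes([0x80 | (tag << 2), len(body)]) + body

# Constructed sample: one sig body repeated after two user IDs and a subkey
SAMPLE = b"".join(pkt(t, b) for t, b in [(6, b"K"), (13, b"alice"), (2, b"S1"),
          (13, b"bob"), (2, b"S1"), (14, b"sub"), (2, b"S1"), (2, b"S2")])
```

On a real key, pass the bytes produced by gpg --export to repeated_sigs; a signature reported after more than one component is worth examining, as in the listing above.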
