Weird behaviours in GPG 2.1 with validity

Ximin Luo infinity0 at pwned.gg
Thu Dec 18 13:00:00 CET 2014


Ping! Did anyone else look into this yet?

On 14/12/14 15:47, Ximin Luo wrote:
> To clarify, the below was observed in GPG 2.1.
> 
> On 13/12/14 16:12, Ximin Luo wrote:
>> (new,mine) If I import my public key [1] into an empty homedir and set ownertrust to ultimate, the validity (on all UIDs) is also set to ultimate.
>>
>> (old,mine) If I do the same thing with my pre-existing homedir, the validity (on all UIDs) is set to "undef" for some reason.
>>
>> (old,other) If I do the same thing with my pre-existing homedir, but with (e.g.) dkg's key [2], some UIDs are "undef" and other UIDs are "ultimate".
>>
>> (new,other) If I do the same thing with dkg's key in an empty homedir, the validity is set to ultimate.
>>
>> The validity also remains unchanged as "undef", even if I import a masterless secret key. (But GPG 1.4 seems to set the validity to "ultimate", in the same situation.)
>>
>> All of these behaviours are pretty weird. I couldn't find a good explanation of them in the docs.
>>
>> At the end of the day, I just want GPG to recognise my own key (with secret subkeys available, secret master key not available) as "ultimate" validity. How do I do this?
>>
>> X
>>
>> [1] A405 E58A B372 5B39 6ED1  B85C 1318 EFAC 5FBB DBCE
>> [2] 0EE5 BE97 9282 D80B 9F75  40F1 CCD2 ED94 D217 39E9
>>
>>

-- 
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git



More information about the Gnupg-devel mailing list