Weird behaviours in GPG 2.1 with validity

Ximin Luo infinity0 at pwned.gg
Tue Dec 23 04:14:30 CET 2014


I've managed to trim this down to a minimal test case:

https://bugs.g10code.com/gnupg/issue1794

Would be good if others could confirm and/or comment.

Pretty annoying to keep getting "KEY IS NOT VALID" warnings for my *own* key...

X

On 18/12/14 13:00, Ximin Luo wrote:
> Ping! Did anyone else look into this yet?
> 
> On 14/12/14 15:47, Ximin Luo wrote:
>> To clarify, the below was observed in GPG 2.1.
>>
>> On 13/12/14 16:12, Ximin Luo wrote:
>>> (new,mine) If I import my public key [1] into an empty homedir and set ownertrust to ultimate, the validity (on all UIDs) is also set to ultimate.
>>>
>>> (old,mine) If I do the same thing with my pre-existing homedir, the validity (on all UIDs) is set to "undef" for some reason.
>>>
>>> (old,other) If I do the same thing with my pre-existing homedir, but with (e.g.) dkg's key [2], some UIDs are "undef" and other UIDs are "ultimate".
>>>
>>> (new,other) If I do the same thing with dkg's key in an empty homedir, the validity is set to ultimate.
>>>
>>> The validity also remains unchanged as "undef", even if I import a masterless secret key. (But GPG 1.4 seems to set the validity to "ultimate", in the same situation.)
>>>
>>> All of these behaviours are pretty weird. I couldn't find a good explanation of them in the docs.
>>>
>>> At the end of the day, I just want GPG to recognise my own key (with secret subkeys available, secret master key not available) as "ultimate" validity. How do I do this?
>>>
>>> X
>>>
>>> [1] A405 E58A B372 5B39 6ED1  B85C 1318 EFAC 5FBB DBCE
>>> [2] 0EE5 BE97 9282 D80B 9F75  40F1 CCD2 ED94 D217 39E9
>>>
>>>
> 


-- 
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141223/bc16bfef/attachment.sig>


More information about the Gnupg-devel mailing list