Key import on a machine with date moved back
A.L.E.C
alec at alec.pl
Fri Dec 2 12:43:19 CET 2016
A scenario here is that user generates a key-pair in a web browser using
openpgp.js then uploads it to the server where gpg is used to import it
to a user keyring. Problem is the time on server is a few seconds behind
the time on the client.
So, GnuPG 2.0.22 does this:
gpg: key A65FB1D8: secret key imported
gpg: key A65FB1D8 was created 6 seconds in the future (time warp or
clock problem)
gpg: key A65FB1D8 was created 6 seconds in the future (time warp or
clock problem)
gpg: key A65FB1D8 was created 6 seconds in the future (time warp or
clock problem)
gpg: key A65FB1D8 was created 6 seconds in the future (time warp or
clock problem)
gpg: key A65FB1D8: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg: w/o user IDs: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1
IMPORT_OK 17 85CE61FECEFC0C46D505D6F20C507F31A65FB1D8
IMPORT_RES 1 1 0 0 0 0 0 0 0 1 1 0 0 0
I found it a little bit confusing. First, the hint about missing
self-signature and no valid user IDs is not very useful and misleading.
Second, it had actually imported something, I'd expect to not import
anything at all. Third, the "clock problem" error is displayed (actually
logged in this case) four times.
So, the question is how can we improve that? In general I'd like to
import the key-pair as if there were no time issues. Maybe there's a
command line argument to ignore them?
Or maybe it's already fixed/implemented in 2.1?
--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer [http://kolab.org]
Roundcube Webmail Developer [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
More information about the Gnupg-devel
mailing list