Failure to import home-brewn public key file
Rick van Rein
rick at openfortress.nl
Mon Feb 1 22:11:08 CET 2016
Hello David,
> GnuPG requires each user ID to have a self-signature to prove that the user ID wasn't added by someone other than the key owner (the self-signature also carries some useful information like cipher choices). The user ID on this key doesn't have a self-signature - there's a signature there on the user ID, but it's not issued by the key itself:
Ah, that would explain things!
> :public key packet:
> version 4, algo 1, created 1454319350, expires 0
> pkey[0]: [2048 bits]
> pkey[1]: [0 bits]
> keyid: F25CA9043257A80C
What did you use to generate this output?
> So the key is F25CA9043257A80C, but the signature was made by 56EA25ACD215439F.
>
> You can override the self-signature check (---allow-non-selfsigned-uid) but this is not recommended as such a user ID is easy to forge.
The override worked, so you clearly spotted the problem in my code.
Thanks a lot, this should prove helpful!
Best wishes,
-Rick
More information about the Gnupg-devel
mailing list