Failure to import home-brewn public key file

Rick van Rein rick at
Mon Feb 1 22:11:08 CET 2016

Hello David,

> GnuPG requires each user ID to have a self-signature to prove that the user ID wasn't added by someone other than the key owner (the self-signature also carries some useful information like cipher choices).  The user ID on this key doesn't have a self-signature - there's a signature there on the user ID, but it's not issued by the key itself:

Ah, that would explain things!

> :public key packet:
> 	version 4, algo 1, created 1454319350, expires 0
> 	pkey[0]: [2048 bits]
> 	pkey[1]: [0 bits]
> 	keyid: F25CA9043257A80C

What did you use to generate this output?

> So the key is F25CA9043257A80C, but the signature was made by 56EA25ACD215439F.
> You can override the self-signature check (---allow-non-selfsigned-uid) but this is not recommended as such a user ID is easy to forge.

The override worked, so you clearly spotted the problem in my code.

Thanks a lot, this should prove helpful!

Best wishes,

More information about the Gnupg-devel mailing list