GPG key not fully accepted by public key servers
Stefan H. Holek
Sat, 16 Dec 2000 01:10:59 +0100 (CET)
On Fri, 15 Dec 2000 firstname.lastname@example.org wrote:
> I have a public key that has two subkeys. One is an encryption subkey with
> expiration date, and the other is a signing subkey with expiration date.
> When I submit this public key to a keyserver such as
> http://pgp.ai.mit.edu/ I get this error:
> The last error was on key 0xee72a386:
> Key block corrupt: more than one signature on subk
I have also seen this. The culprit seems to be the pks-type keyserver.
Currently no solution, AFAIK. You might want to use the NAI keyservers until
this is resolved.
> The interesting thing is that part of the key is accepted so people can still
> download it, but I use the second subkey for most of my signing, and that is
> truncated from the key. Does anyone know why this would be? I can send my
My current assessment is that the pks is stripping off "subkey binding
signatures", leaving the key in a crippled state.
I believe it only happens when adding a new key, adding a subkey to an
existing key appears to fail entirely. If people can download your key
they must furthermore be using pgp, because gpg does not import such a
key. I have also tried to use a broken key for encryption in pgp, but it
did not work.
Has somebody successfully encrypted mail to you using your
freshly downloaded key?
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to email@example.com