Odd key

Wed, 9 Feb 2000 14:46:56 +0100

On Tue, Feb 08, 2000 at 10:58:30PM -0500, L. Sassaman wrote:

> 

> Hi folks!

> 

> For some reason, 0x6FFC5075 will not import to my keyring. (It is on all

> the public servers... it is an RSA key, self-signed.

> 

> rabbi@thetis:/usr/home/rabbi$ gpg --recv-keys 0x6FFC5075

> gpg: requesting key 6FFC5075 from horowitz.surfnet.nl ...

> gpg: public key is 7999 seconds newer than the signature

> gpg: key 6FFC5075: invalid self-signature

> gpg: key 6FFC5075: no valid user IDs

> gpg: this may be caused by a missing self-signature

> gpg: Total number processed: 1

> gpg:           w/o user IDs: 1

> rabbi@thetis:/usr/home/rabbi$

:public key packet:

        version 3, algo 1, created 901704480, expires 0
[...]

:signature packet: algo 1, keyid FC56E2116FFC5075

        version 3, created 901696481, md5len 5, sigclass 10

               signature   public key
               ---------   ----------
               901696481 < 901704480
Wed Jul 29 09:14:41 1998 < Wed Jul 29 11:28:00 1998

The signature's timestamp is earlier than the public key's timestamp, which
is a bit odd. But since timestamps can't be trusted anyway, maybe GPG should
just print a warning ?