Odd key

Remi Guyomarch rguyom@mail.dotcom.fr
Wed, 9 Feb 2000 14:46:56 +0100


On Tue, Feb 08, 2000 at 10:58:30PM -0500, L. Sassaman wrote:

>
> Hi folks!
>
> For some reason, 0x6FFC5075 will not import to my keyring. (It is on all
> the public servers... it is an RSA key, self-signed.
>
> rabbi@thetis:/usr/home/rabbi$ gpg --recv-keys 0x6FFC5075
> gpg: requesting key 6FFC5075 from horowitz.surfnet.nl ...
> gpg: public key is 7999 seconds newer than the signature
> gpg: key 6FFC5075: invalid self-signature
> gpg: key 6FFC5075: no valid user IDs
> gpg: this may be caused by a missing self-signature
> gpg: Total number processed: 1
> gpg: w/o user IDs: 1
> rabbi@thetis:/usr/home/rabbi$

:public key packet:
version 3, algo 1, created 901704480, expires 0 [...]
:signature packet: algo 1, keyid FC56E2116FFC5075
version 3, created 901696481, md5len 5, sigclass 10 signature public key --------- ---------- 901696481 < 901704480 Wed Jul 29 09:14:41 1998 < Wed Jul 29 11:28:00 1998 The signature's timestamp is earlier than the public key's timestamp, which is a bit odd. But since timestamps can't be trusted anyway, maybe GPG should just print a warning ?