gnupg-1.0.1 trust issues and compile problems

Werner Koch wk@gnupg.org
Wed, 14 Jun 2000 10:33:22 +0200


Hi Richard,

On Tue, 13 Jun 2000, Richard Guy Briggs wrote:


> !!! I was just able to change the trust level of a key without having
> to provide my passphrase! This was from "unset" to "full trust" to
> "no trust" back to "full trust"! Each time I told it to save and
Waht you mean is the "ownertrust"; that is how far you trust a key holder to correctly sign other keys. This is just a flag in the trustdb - you don't have to enter a passphrase even with PGP 2 or 5. I know that there is a but somewhere in the calculation of the key validity which uses the ownertrust to establish a chain of trust from you to the recipient/signer of a message.
> exit, it said: "Key not changed so no update needed." but it wrote out
> the change to trust level! This is alarming! Am I missing something
I know. There is a design problem: Most things are updated when you enter the "save" command; however the ownertrust flag is updated immediately and therefore you see this misleading message.
> In doing some interoperation testing with Marc Boucher, he found a bug
> in which a signature does not check out if there is a trailing space
> in the text that was signed. Has this been fixed?
Same version of gpg on both sides? or is it an PGP/GPG issue? There is a problem with backward compatibilty to PGP which doesn't behave as OpenPGP demands. Very ugly situation and gpg _tries_ to check both versions.
> gcc -g -O2 -Wall -o mpicalc mpicalc.o ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a -lz -ldl -lgdbm
> mpicalc.o: In function `i18n_init':
> /usr/src/sw/gnupg-1.0.1/tools/mpicalc.c:74: undefined reference to `bindtextdomain'
Maybe your gettext installation is messed up; try: ./configure --with-included-gettext
> checking whether included gettext is requested... no
Werner -- Werner Koch OpenPGP key 621CC013 OpenIT GmbH tel +49 211 239577-0 Birkenstr. 12 email wk@OpenIT.de D-40233 Duesseldorf http://www.OpenIT.de