--check-sigs option
David Shaw
dshaw@jabberwocky.com
Fri Dec 27 18:09:02 2002
On Fri, Dec 27, 2002 at 05:04:18PM +0100, Adrian 'Dagurashibanipal' von Bidder wrote:
> Yo again!
>
> Hope everybody survived christmas and is looking forward to the new
> year...
>
> When I gpg --check-sigs on my keyring, I see many signatures from
> unknown keys marked as good - like this:
>
> avbidder@altfrangg:~$ gpg --check-sigs 09AC0A6A 9A4C704C | less
> pub 1024D/09AC0A6A 1998-07-14 L. Sassaman <>
> sig! 2C6D110A 2000-01-22 [User id not found]
>
> while other signatures are not shown at all. Why is this? When I gpg
> --edit this key and use delsig, it shows the same behaviour: some
> signatures are 'delete this good signature?', while others are 'this
> unknown signature':
This is a known side-effect of the signature caching that GnuPG uses
to speed up some operations. In the example above, you imported key
2C6D110A before importing key 09AC0A6A, then deleted key 2C6D110A.
Basically, it's harmless. If it really bothers you, you can make it
go away with (this will take a while to run):
gpg --no-sig-cache --rebuild-keydb-caches
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson