Problems with GNUPA

Werner Koch
Tue Jan 22 18:50:02 2002

On Tue, 22 Jan 2002 16:55:11 +0100, Haberstock, Reiner said:

> I've a strange Problem with GNUPA ---> Imorted an non-selfsigned key
> over the gpg interface in the DOS-Box.

I guess you mean GPA.

> gpg --allow-non-selfsigned-uid

This is a kludge and should be avoided if possible.  I assume that
there is another key which signs your user ID which is in principle
correct but not supported by GnuPG.  It is far better to add a
self-signature and mark the other key as fully trusted.

It is indeed possible that GPA has a problem with this.  I just tested
it on GNU/Linux without problems.  Well, I have a somewhat newer
version here (0.4.3).  There is no binary version for Windows, though.

> The Key-Owner isn't able to selfsign the key because the Robert Bosch
> Trustcenter manages all the keys of the Robert Bosch Company.

This is not the correct way to do it.  A self-signature is needed for
a user ID and this has nothing to do with trusting the key.  It is
simply needed to bind the user ID to the key.  Everyone sending you an
encrypted message will have a problem unless he uses a special setup.
It does not make much sense to use a Standard in this (not explicitly
forbidden) way.

> If i can't solve the Problem, we MUST switch to NAI PGP, but I won't
> spend 1000EUR each year only for licences.

There are companies supporting and cusomizing free software ;-)

Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus