PGP-GPG Compatibility
David Shaw
dshaw@jabberwocky.com
Tue Jun 11 19:22:01 2002
On Tue, Jun 11, 2002 at 05:57:38PM +0300, Charly Avital wrote:
> In PGP, the self signature shows explicitly your full user ID, but there is
> here something unusual:
> The key itself was created on March 24, 2002.
> The self signature was done on April 16 2002
> There is another signature by 0xD67A4987, defined as "Unknown Signature",
> made by CN=WEB.DE Trustcenter Voll-Zertifikate, EMAIL=trust@web.de, OU=
> TrustCenter CA, O=WEB.DE AG, L=D-76227 Karlsruhe, C=DE.
>
> This would mean that when the key was created, March 24,2002, it was not
> automatically self signed on the *same day*, as it usually happens when a
> key is created. The self signature was done, according to PGP, much later,
> on April 16, 2002.
This is not unusual. Remember that the key preferences and expiration
date are contained in the self-signature. If the key owner changes
their prefs or expiration date then a new self-signature will be
issued.
> Therefore, GPG would be right when it says:
> "gpg: signature packet without keyid"
This error message is due to the X.509-ish signature on the key. This
is not part of OpenPGP, and is discarded by GnuPG. The error can be
safely ignored.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson