Deleting signatures question.

Neil Williams
Thu Aug 14 21:20:02 2003

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Thursday 14 Aug 2003 2:34 pm, Stewart V. Wright wrote:
> Hi All,
> I have a question about deleting signatures on public keys...

1. You can only delete signatures you have made yourself.
2. If you could delete the unknown sig's, they would be replaced next time =
key was imported from a keyserver
3. You can ignore any unknown signatures by using --check-sigs instead of=20

> The WoT means that keys in my pubring.gpg are signed by various
> people.  Most of the time I do not have the additional keys to go with
> these signatures.

Everyone has that. You'd have to run a keyserver to get close to all, even=
then there are some keys that are simply not obtainable.

> What I would like to do is _automatically_ be able to delete the
> unknown, "[User id not found]" signatures.

The best you can achieve is to simply ignore them.

> I suspect that short of doing it by hand (and the thought of 600+
> signatures in some cases) there is no way directly to do this in
> GnuPG.  Is that right?

You can't even do it by hand.

> Points:
>  * I know that the next time I refresh my pubring I will get all the
>    unwanted signatures back, but if the process is automatic I can
>    just re-run the cleaning.

You're not cleaning these keys - you're breaking them.

>  * This issue does not really have any relevance apart from the space
>    that I will save by not having the unnecessary signatures on my
>    "quota"ed account.

Negligible. It's the public keys that take up the room - an unknown signatu=
can only take a tiny amount of disk space. Some public keys are 4kb -=20
especially if images are involved.

Try it, sign a key LOCALLY and compare the filesize before and after using:
gpg -a --export <keyid>

=46ar better to only keep the keys you really need. Thereagain, if your quo=
ta is=20
so close that 4kb makes a significant impact, shouldn't you look somewhere=
else for the offending files??? You'll find a whole host of much larger=20


Neil Williams

Content-Type: application/pgp-signature
Content-Description: signature

Version: GnuPG v1.2.1 (GNU/Linux)