Invalid subkey binding

Jason Harris
Sun May 4 01:03:02 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, May 03, 2003 at 04:10:09PM -0400, Dennis Lambe Jr. wrote:

> I uploaded my public key to two of the keyservers that David Shaw said
> would be able to handle my subkeys, and
> hkp://  A friend then signed my key and sent the
> changes to, from which I refreshed my key.  Later, I
> refreshed it again and gpg now reports:
> ~$ gpg --refresh lambe
> gpg: refreshing 1 key from
> gpg: key F53BA904: invalid subkey binding
> gpg: key F53BA904: "Dennis Patrick Lambe Jr." not changed
> gpg: Total number processed: 1
> gpg:              unchanged: 1

Check the verbose (default) listing on and see that
a "[keybind, hash: type 2, 6e 50]" signature is present on both subkeys,
making it likely to be a duplicate (that is invalid when paired with
the wrong subkey).

pgpdump[.net] and gpg -v -v <keyring> will also display the stored top
two bytes of hashes over signed data areas as well as a whole lot more
information.  See RFC 2440 for details.

Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it? | web:

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.1 (FreeBSD)