[OT?]: Keyserver / Subkeys / replicating selfsigs

Sascha Lüdecke sascha at meta-x.de
Mon May 10 11:16:49 CEST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi all!

After some keysigning I was notified that my key on wwwkeys.pgp.net
is unuseable.   After taking a closer look there are strange
effects.  This is my key:

pub  1024D/CC611EE6 2000-01-26 Sascha Luedecke (private) <sascha at meta-x.de>
uid                            Moxon <moxon at meta-x.de>
sub  2048g/85D3C1A7 2000-01-26 [expires: 2003-01-25]
sub  2048g/BC8DCB23 2003-04-04 [expires: 2006-04-03]
sub  1024D/5240B9BF 2003-04-04 [expires: 2006-04-03]


1. Problem: uploading to the keyserver
======================================

When I export my key to the hkp://wwwkeys.pgp.net keyserver:

a)  gnupg doesn't give me an error message

    gpg --verbose --send-key cc611ee6

    The key is silently accepted but the new subkeys are _not_ listed
    on the keyserver.  I tried this at least three times (giving it a
    night to update its databse) with no success (but other effects,
    see blow).

    Maybe GnuPG should give some error message (if hkp tells it about
    errors).


b)  parts of the key get rejected.  When submitting through the
    webinterface, the result is:

    Key block in add request contained no new
    keys, userid's, or signatures.
    Your key block contained 5 format errors,
    which were treated as if the erroneous elements
    hadn't been part of your submission.
    The last error was on key 0x037aaac0:
    Key block corrupt: more than one signature on subkey

    Aha.  gpg tells me that (gpg --export --armor cc611ee6 | gpg --verbose -)

    pub  1024D/CC611EE6 2000-01-26 Sascha Luedecke (private) <sascha at meta-x.de>
    [...]
    uid                            Moxon <moxon at meta-x.de>
    [...]
    sub  2048g/85D3C1A7 2000-01-26  [expires: 2003-01-25]
    sig        CC611EE6 2003-10-06   [selfsig]
    sig        CC611EE6 2000-01-26   [keybind]
    sub  2048g/BC8DCB23 2003-04-04  [expires: 2006-04-03]
    sig        CC611EE6 2003-04-04   [keybind]
    sub  1024D/5240B9BF 2003-04-04  [expires: 2006-04-03]
    sig        CC611EE6 2003-04-04   [keybind]

    Whats going wrong here?



2. Problem:  replicating selfsigs
=================================

I "gpg --recv-key" several times since I have been on a keysigning
party this weekend.  Each time I get some new signatures which is
great (thanks if anyone of them is listening).   But:  each time I
- --refresh-keys or --recv-key the list of selfsigs on my key grows,
currently (other sigs removed):


    pub  1024D/CC611EE6 2000-01-26 Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2000-02-10   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2003-10-06   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2003-10-06   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>
    sig 3       CC611EE6 2004-05-08   Sascha Luedecke (private) <sascha at meta-x.de>

Fine, I definitely trust myself and since I forget a lot of things I
express this twice, 3x, ... DAILY *bg*

so:

a)  what can I do to get rid of this selfsigs
b)  how can I stop the keyserver or gnupg from replicating this sigs?


Regards,
Sascha

PS: If you want my key, get it from http://meta-x.de/openpgp.asc,
    _not_ from the keyserver!!


- -- 
He who dies with the most toys is dead.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAn0iEwapeXFJAub8RAuRlAJ9VQztHkMd+D/xPFInE9CN8Q6Iu5ACePEla
w2wK83csKz2SzqzqCj+DwaA=
=rIe8
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list