Clear all signatures on key?

Alphax alphasigmax at gmail.com
Wed Apr 19 12:51:22 CEST 2006


Tech wrote:
> 
> Hello,
> 
> I'm trying to figure out how to remove all signatures from all my GPG
> keys. I've RTFM but I've missed something I'm afraid. Here is what I am
> seeing:
> 
> 1. Type "gpg --list-keys" and I get a list of my keys. (me at me.com is a
> fake email address for the sake of this post...)
> 
> 2. I type gpg --edit-key me at me.com
> 
> I am now in edit mode
> 
> Command> list
> 
> (I get my key information)
> 
> Command> uid 1
> 
> (I then select my key)
> 
> Command> Delsig
> Nothing deleted.
> 
> Command> Minimize
> User ID "My Key etc etc":
> already clean.
> 
> Command> check
> uid "My Key etc etc"
> 1 user ID without valid self-signature detected
> 
> Command> quit
> 
> 
> 
> 3. I type 'gpg --list-sigs" and I get a list of keys thusly:
> 
> C:\Documents and Settings\Administrator>gpg --list-sigs
> h:/gnupg-keys\pubring.gpg
> -------------------------
> pub   1024D/XXXXXXXX 2005-08-10
> uid                  My Key (Email Encryption/Signing Key) <me at me.com>
> sub   4096g/XXXXXXXX 2005-08-10 [expires: 2006-08-10]
> sig          XXXXXXXX 2005-08-10  My Key (Email Encryption/Signing Key)
> <me at me.com>
> 
> 
> 
> Question: What signature is listed there that is reported from my
> --list-sigs command? What have I missed? I would think I have no
> signatures installed on my key?
> 

The signature listed in on the subkey, not the UID; this signature
"binds" the subkey to the primary. Note that by default GPG will not
like the fact that a UID doesn't have a valid self-signature; a
self-signature on a UID "binds" the UID to the key itself. If it were
not for selfsigs ike this, it would be trivial for someone to inject
their own UID (with your name, but a different email address) into their
copy of your key and then upload it to eg. a keyserver. You should
probably edit your key and re-sign it by using the "sign" command.

HTH,
-- 
                Alphax
        Death to all fanatics!
  Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060419/829b0175/signature.pgp


More information about the Gnupg-users mailing list