"sig!3" entry vs "sig!" entry on certain GnuPG keys from the PuTTY software site

Alphax alphasigmax at gmail.com
Fri Aug 25 15:21:21 CEST 2006


synth_spring at Safe-mail.net wrote:
> The web site for the PuTTY software provides GnuPG keys to verify
> downloads of the PuTTY software. see
> http://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html
> 
> With these keys imported into the GnuPG public keyring, issuing "gpg
> --check-sigs" produced the following output (the user name has been
> redacted):
> 
<snip>
> 
> For the self-signatures on the DSA-type keys (and only the DSA-type
> keys) there is a "sig!3" entry instead of a "sig!" entry. The other
> signatures on the DSA-type keys just have a "sig!" entry. It has been
> said elsewhere that the 3 in the "sig!3" entry indicates a
> certificate check level of 3. However, the 3 does not appear on the
> self-signature entries for the RSA-type keys. Is this to do with the
> key types (the DSA type and the RSA type), the way that the keys were
> created and/or signed, or some other reason?
> 

It's to do with the way the keys were signed at the time they were
generated.

There is a "default certification level" option that can be used either
on the command line or in a config file - normally GnuPG will ask you
for the certification level when you sign a key, but the default /can/
be used if the right options are set, and /will/ be used at the time of
key generation.

-- 
                Alphax
        Death to all fanatics!
  Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 569 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060825/641b4ad3/signature.pgp


More information about the Gnupg-users mailing list