Ohhhh jeeee: ... this is a bug (getkey.c:2079:merge_selfsigs)

Sergi Blanch i Torné sbt at megacceso.com
Wed Mar 1 19:10:02 CET 2006


Ok, in this case (David correct me if i am wrong) it look like there was 
something broke in the pubring that was fixed when you ran 
'--update-trustdb' (over an unpatched binary).

Now you haven't any problem. All works fine? I, also, download this key in my 
pubring without problems.

I remark: this ecc patch is _experimental_, use it carefully!

/Sergi.

A Dimecres 01 Març 2006 14:12, Phil Pennock va escriure:
> On 2006-02-28 at 13:07 +0100, sbt at megacceso.com wrote:
> > Ok, now it works, but can you send me any information that could be
> > interesting? For example how you create the 0xC9541FB2,
>
> It's a public key for someone else, imported with --recv-key, because
> it's in a trust path I need.
>
> I do have a rather large public key ring (69MB); at times when the trust
> path tools have been broken, I wrote a gpg_fetchsigners wrapper which
> imports the signers on a key; it's not very good for finding the keys
> signed _by_ a key, but there is a degree of correlation and so it's been
> adequate to let me get a decent population of trust paths to things I
> need (signers of security notices, packages, etc).  I'm tempted to dump
> out my public keyring and only re-import those which are on my current
> ownertrust list.
>
> So yes, I've seen various broken signatures and hit the mpi bug.



More information about the Gnupg-users mailing list