Invalid cross certification?
Werner Koch
wk at gnupg.org
Tue Apr 8 18:44:06 CEST 2008
On Tue, 8 Apr 2008 17:35, rjh at sixdemonbag.org said:
> 1. If 1.4.9 and 2.0.9 use the same crypto code for OpenPGP, why is
> there this difference in functionality?
I did a quick check and I can't find a difference in the code. Do
youuse the same config file? Note that gpg tries to read a gpg.conf-2
file first. If David has no other idea, I'd ask you to send me that
test signature.
> 2. How is it possible to put an 0x19 signature on the primary key from
> the subkey, in order to get rid of this error message?
I am not sure whether this works. We probably never tested the case
to rectify an invalid cross-signature:
http://www.gnupg.org/faq/subkey-cross-certify.html
(en)If you have been pointed to this page by someone who received
a warning when verifying one of your signatures, your key does
not contain a subkey cross-certification. You can easily add
this cross-certification using GnuPG 1.4.3 or later. To do
this, simply run "gpg --edit-key (yourkey)" and then enter
"cross-certify". You'll need to type your passphrase, and
GnuPG will add the necessary cross-certification. Once this
is done, you should distribute your key however you like (send
it to a keyserver, post on a web page, etc). If you have
already done this and people are still receiving the warning,
make sure they have updated their copy of your key from the
keyserver or web page.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list