Keyservers mangle with subkey binding sigs
Vlad "SATtva" Miller
sattva at pgpru.com
Sat Jan 19 14:38:50 CET 2008
Charly Avital wrote on 19.01.2008 18:26:
> Vlad "SATtva" Miller wrote the following on 1/19/08 6:01 AM:
> | Here for example (in the bottom) you may see two subkeys with binding
> | signatures expired at 2007-12-31:
> So it is.
> | But if you look at the original copy you'll see that all regenerated
> | sigs are in place:
> | http://www.vladmiller.info/contacts/openpgp.txt
> After importing that keyblock:
> [name]$ gpg --edit-key 8443620A
> gpg (GnuPG) 1.4.8; Copyright (C) 2007 Free Software Foundation, Inc.
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
> pub 4096R/8443620A created: 2006-12-21 expires: never usage: SC
> ~ trust: unknown validity: unknown
> sub 2048R/070E0B73 created: 2006-12-21 expires: 2010-01-01 usage: S
> sub 2048R/7D57ED51 created: 2006-12-21 expires: 2010-01-01 usage: E
So here's an explicit distinction between what we got from a keyserver
and from the gpg output.
> In my system now:
> I have not signed your key
And you should not.
SATtva | security & privacy consulting
www.vladmiller.info | www.pgpru.com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 505 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users