Rare condition incompatibility of public key
John W. Moore III
jmoore3rd at bellsouth.net
Sun Nov 30 21:12:44 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
Myckel Habets wrote:
> Hello list,
> Last week I had contact with someone who said that my public key was
> "bad" according his validation program.
> The person who said to me that the key validates as bad uses the PGPkeys
> program from the PGP corporation software (version 6.58, last version
> that was released when Phil Zimmerman worked there, he doesn't trust
> later versions) to do the validation.
> To sum this up I have two questions:
> 1) What is causing this problem? Is my key really bad or is this an
> incompatibility between PGPkeys version 6.58 and GPG?
> 2) Do I need to create new keys and revoke this key?
Was the 'Key Bad' or the Signature? Since Your "friend" insists upon
using 6.5.8 [deprecated] then My suspicion is that the Signature failed
to verify simply because the Hash used was one which isn't available in
6.5.8. You do not need to create a New Key but You do have 2 choices:
1.) Drag Your Neanderthal Friend out of the Encryption 'Stone Age' by
convincing Him to Upgrade to an Application RFC4880 compliant, or
2.) Correspond with Him/Her using _only_ a Hash which is compatible
with 6.5.8. :-\
Timestamp: Sunday 30 Nov 2008, 15:12 --500 (Eastern Standard Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn4878: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: https://www.gswot.org
Comment: Homepage: http://tinyurl.com/yzhbhx
-----END PGP SIGNATURE-----
More information about the Gnupg-users