Using the "clean" function (and the "PGP Global Directory")
dshaw at jabberwocky.com
Wed Jun 23 06:44:30 CEST 2010
On Jun 23, 2010, at 12:03 AM, Dan Mahoney, System Admin wrote:
>>> Are you sure about that? "clean" strips off useless signatures (useless being defined as an invalid signature, a superseded signature, a revoked signature, and a signature from a key that isn't present on the keyring). Signatures from keys that are present, but have no trust value are not stripped off.
>> Let me double check. I saw it earlier today when transferring my work sig to my personal one. But it might just have been that my coworkers did not have sigs present. It's entirely possible I mangled the windows.
> Yup, that's what happened. I had imported my work key to my personal machine, but didn't have the keys of all my coworkers on my personal box, so "clean" decided to be helpful.
> I pulled it off the keyserver again, and then pulled down the keys of all my coworkers, and was good.
Ah, good. I'm glad.
> On a related subject, is there a way to say "pull down the keys of all keyids who have signed key X"?
Not directly, but you can do something like this:
gpg --recv-keys `gpg --with-colons --fixed-list-mode --list-sigs $THE_KEY | egrep '^sig:' | cut -f5 -d: | sort -u`
More information about the Gnupg-users