self signed keys

Axel Braun axel.braun at gmx.de
Wed Aug 14 11:09:45 CEST 2013 

Am Mittwoch, 14. August 2013, 10:05:18 schrieb Johan Wevers:
> On 14-08-2013 9:47, Axel Braun wrote:
> > Where is the requirement to sign your own key documented?
> 
> AFAIK it is not required, just common practice.

Really? I recently had a key which I was unable to import due to missing self-
signature. Just with the option --allow-non-selfsigned-uid it was possible

docb at T520:~> gpg2 --import --verbose --allow-non-selfsigned-uid 
user.asc 
gpg: enabled debug flags: memstat
Version: BCPG v1.33
gpg: armor header: 
gpg: pub     0s/AA58AC4E 2013-06-11  <xxx at xxx.de>
gpg: key AA58AC4E: unsupported public key algorithm on user ID 
"xxx<xxx at xxx.de>"
gpg: key AA58AC4E: unsupported public key algorithm
gpg: key AA58AC4E: accepted non self-signed user ID "xxx<xxx at xxx.de>"
gpg: key AA58AC4E: skipped subkey
gpg: using PGP trust model
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid
gpg: key AA58AC4E: public key "xxx <xxx at xxx.de>" 
imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
gpg: 26 keys cached (157 signatures)
gpg: 23 keys processed (33 validity counts cleared)
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid
gpg: depth: 0  valid:   7  signed:  13  trust: 0-, 0q, 0n, 0m, 0f, 7u
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid
gpg: depth: 1  valid:  13  signed:   0  trust: 13-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2042-08-02
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 blocks

The key sentence is 
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid

So where is it specified that a key has to be self-signed?

Cheers/Axel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20130814/5c172308/attachment.sig>

More information about the Gnupg-users mailing list