The Facts:

david at gbenet.com david at gbenet.com
Sun Nov 16 05:59:16 CET 2014


On 15/11/14 20:24, Werner Koch wrote:
> On Sat, 15 Nov 2014 19:10, johanw at vulcan.xs4all.nl said:
> 
>> I believe there exist some differences between gpg2 keyrings and gpg 1.x
>> keyrings, but I don't know the details. Does gpg2 still use trustdb.gpg?
> 
> No.  Only with 2.1 tehre is the new keybox format (pubring.kbx) which
> will be used for new installations but an existing pubring.gpg from pre
> 2.1 will be used if it exists.
> 
>> And since gpg 2.1 dropped v3 key support, how does it react on a keyring
>> with v3 keys in it?
> 
> At the next write access to the keyring v3 keys are removed.
> 
> David send me one of his mails privately without mentioning that he also
> send he to the ML :-(.  I looked at it anyway; see below.
> 
> 
> Salam-Shalom,
> 
>    Werner
> 
> 
> On Sat, 15 Nov 2014 12:58, david at gbenet.com said:
> 
>> sec   4096R/AAD8C47D 2014-08-17
>> uid                  postmaster (There's always light at the end of the tunnel)
>> <postmaster at gbenet.com>
>> ssb   4096R/FDDA1EF2 2014-08-17
>>
>> david at laptop-1:/media/store$
>>
>> gpg --output mykey1.asc --export -a AAD8C47D
>> gpg --output mykey2.asc --export -a FDDA1EF2
> 
> You are about to export the same key iwtice.  Unless special options are
> used the --export command exports the main key "sec" and all subkeys
> "ssb".  Not a problem but may be surprising.
> 
>> gpg: can't handle public key algorithm 19
>> gpg: can't handle public key algorithm 18
> 
> You played with the new ECC algorithms but not a problem.
> 
> 
>> david at laptop-1:/media/store$
>>
>> gpg -ao allow-non-selfsigned-uid david-public.key --export FDDA1EF2
> 
> You wrote output to the file "allow-non-selfsigned-uid" ;-)
> 
> 
>> gpg: writing to `david-public.key'
>> gpg: can't handle public key algorithm 19
>> gpg: can't handle public key algorithm 18
>> david at laptop-1:/media/store$
>>
>> Got the same error message. there's something wrong with subkey binding signatures for
>> secret keys.
> 
> I can't see an error message. "can't handle public..." are just warnings
> about some othe keys found in the keyring or your key? 
> 
>> david at laptop-1:/media/david/store$ gpg -ao --import --allow-non-selfsigned-uid david-public.key
>> gpg: armour header: Version: GnuPG v1.4.11 (GNU/Linux)
>> pub  4096R/AAD8C47D 2014-08-17 postmaster (There's always light at the end of the tunnel)
>> <postmaster at gbenet.com>
>> sig        AAD8C47D 2014-11-15   [selfsig]
>> gpg: can't handle public key algorithm 19
>> gpg: can't handle public key algorithm 18
>> sig        32521C09 2014-08-25   Carolyn Hoyle (I respect privacy) <carolynbelkair at yahoo.co.uk>
>> sub  4096R/FDDA1EF2 2014-08-17
>> sig        AAD8C47D 2014-08-17   [keybind]
>> david at laptop-1:/media/david/store$
> 
> 
> It seems that you have ECC subkeys on your key or signed a key woth an
> ECC key.  I can't check that because the keyservers do not yet all
> support ECC.
> 
>> "Key 0xAAD8C47D not found or not valid. The (sub-)key might of expired."
> 
> Please send me your complete key.  The copy from the keyservers might
> not be complete.  --export is sufficient.
> 
> 
> Salam-Shalom,
> 
>    Werner
> 
> 
> 
> 
Werner,

I have partly resolved the problem - which seems to be related to gnupg2 Thunderbird and
Enigmail running on a 64 bit Linux. The only error message am now getting is "bad
passphrase" when I've not even entered a passphrase but am about to too.

As I recall the only options I have are installing  a version of Thunderbird at least 4
years older than the current version. I'm using Thunderbird 24.6.0 at the moment with the
same error message - "bad passphrase" with no ability at the terminal or in Enigmail to
correct or change it. Even gnupg 1.4 does not accept -passwd.

As I recall I had the same problem with Fedora and Suse 14 64 bit. I'm on Linux
3.11.0-26-generic (x86_64) Ubuntu 13.10. And as I recall others had similar problems with
Fedora on a 64 bit O/S.

I've enclosed a copy of my private key - but as I've got rid of gnupg2 the error message
"Key 0xAAD8C47D not found or not valid. The (sub-)key might of expired" has vanished. The
only error message am stuck with is "bad passphrase" and no ability to sign or encrypt
emails or files or anything else.

So am going to install a copy of Thunderbird at least 4 years older than the current version
with an appropriate Enigmail. As stated and as aa fact of daily life there are problems
running a Linux distro in x86_64 there are problems with gnupg2 there are problems with
Thunderbird and there are problems with Enigmail.

David




-- 
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing of the
kind.Stern, sane,every brain-cell perfect and complete even at the moment of death. No
delusion.” https://linuxcounter.net/user/512854.html - http://gbenet.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: david-public.key
Type: application/pgp-keys
Size: 4295 bytes
Desc: not available
URL: </pipermail/attachments/20141116/93c80528/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xAAD8C47D.asc
Type: application/pgp-keys
Size: 5843 bytes
Desc: not available
URL: </pipermail/attachments/20141116/93c80528/attachment-0001.key>


More information about the Gnupg-users mailing list