What causes this bad signature
Peter Lebbing
peter at digitalbrains.com
Wed Nov 18 15:15:40 CET 2015
On 18/11/15 13:53, david at gbenet.com wrote:
> I downloaded the key and all sub-keys. Neither GPA Kgpg or Kleopatra give any warnings
> about this key. You don't say what's bad about it - which is why your not getting much help
> here.
Actually, I understand what he means, I just don't know how to
investigate further. I tried with --debug-*, but I got no more info, and
was at a loss how to continue right there and then, so I didn't post a
reply.
>From his original post:
> My key is 0x58A2D94A93A0B9CE and their signature comes from
> 0x5E5CCCB4A4BF43D7:
>
> pub 2048R/0x58A2D94A93A0B9CE 2009-08-11
> uid [ultimate] Sebastian Wiesinger <sebastian at karotte.org>
> sig!3 P 0x58A2D94A93A0B9CE 2015-03-27 never Sebastian Wiesinger <sebastian at karotte.org>
> sig-3 1 0x5E5CCCB4A4BF43D7 2015-11-14 never Governikus OpenPGP Signaturservice (Neuer Personalausweis) <kontakt at governikus.com>
Note the sig-3 line; the dash indicates a bad signature, as the man page
indicates for --check-sig. Additionally, GnuPG outputs the line:
> gpg: 1 bad signature
which he didn't include in his quote because he trimmed the console
output; it would have included about 55 other signatures, so I get why
he did that ;).
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list