tofu: Missing entry in the bindings table for new key
Justus Winter
justus at g10code.com
Tue Jan 24 11:53:55 CET 2017
Hi,
Luis Ressel <aranea at aixah.de> writes:
> Hello,
>
> I created a new key today. When I tried to verify a signature made by
> this key, I got the error message
>
> gpg: Signature made Sat Jan 21 01:07:59 2017 CET
> gpg: using RSA key DEADBEEF
> gpg: Good signature from "foo <foo at example.org>" [ultimate]
> gpg: aka "foo <foo at example.com>" [ultimate]
> gpg: error updating TOFU database: NOT NULL constraint failed: signatures.binding
> gpg: TOFU: error registering signature: General error
>
> Apparently no entry for my key/userid had been recorded in the bindings
> table. I was of course able to fix this by calling
> "gpg --tofu-policy good DEADBEEF", but it still looks like a bug to me.
> Any ideas how this could happen?
>
> Potentially relevant facts:
> * The new key's userid collides with that of my old key.
> * I'm using the setting "tofu-default-policy unknown".
Can you please describe in detail what you were doing so that we can
recreate the problem? You can create a throwaway environment for
experimentation by setting the environment variable GNUPGHOME to a
temporary directory, like so (assuming a Bourne-like shell):
$ export GNUPGHOME=$(mktemp -d)
$ gpg -k
[nothing]
Note that you need to copy your gnupg configuration over, or at least
configure the trust model.
Thanks,
Justus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: </pipermail/attachments/20170124/b12d2418/attachment.sig>
More information about the Gnupg-users
mailing list