Key corruption: duplicate signatures and usage flags

Werner Koch wk at gnupg.org
Tue Jul 25 14:23:36 CEST 2017


On Fri, 23 Jun 2017 10:02, madduck at madduck.net said:

> Are you saying that gnupg 2.1.18 added the self-signature in the
> wrong place?

There is no right or wrong place.  gpg uses the latest valid
self-signature according to the timestamp in the self-signature.  Use
--with-colons to see the full timestamps (cf. doc/DETAILS).

Probably unrelated: --list-keys does not check the key signatures; you
need to use --check-sigs.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170725/63aad347/attachment.sig>


More information about the Gnupg-users mailing list