Key corruption: duplicate signatures and usage flags

martin f krafft madduck at
Fri Jun 23 10:02:44 CEST 2017

also sprach Werner Koch <wk at> [2017-06-23 09:40 +0200]:
> Those flags are tracked in self-signatures.  When changing a flag
> a new self-signature is used.  This will be uploaded to the
> keyserver.  gpg uses the flags from the latest self-signature it
> has.

So how does this explain

  % export GNUPGHOME=$(mktemp -d)
  % gpg --recv-key 55C9882D999BBCC4
  % gpg --list-key 55C9882D999BBCC4 | grep '^pub'   # [SC]
  % gpg --edit-key 55C9882D999BBCC4 save
  % gpg --list-key 55C9882D999BBCC4 | grep '^pub'   # [C]

Are you saying that gnupg 2.1.18 added the self-signature in the
wrong place?


@martinkrafft | |
"i wish i hadn't slept all day, it's really lowered my productivity"
                                                   -- robert mcqueen
spamtraps: madduck.bogus at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1118 bytes
Desc: Digital GPG signature (see
URL: </pipermail/attachments/20170623/e2771661/attachment.sig>

More information about the Gnupg-users mailing list