hi debian-folk, i am issuing a warning which might be purely prophylactic, but i figure it's better than not to mention it. it's about GPG and about something along the lines of keyring corruption through normal usage. so read this before you continue using your woody GPG to verify signed email!
i don't have many details, let me explain to you what happened (fortunately i had my keyring backed up): throughout this day, i was happily signing my mail with gnupg 1.0.6-3, the last message i successfully signed was sent 22:16 hours GMT, which was about 20 minutes ago. when i tried to send an email about 10 minutes ago, the signing failed with the following errors: gpg: key A8FA196E: secret key without public key - skipped gpg: key 3290879A: secret key without public key - skipped gpg: key 330C4A75: secret key without public key - skipped gpg: no default secret key: secret key not available gpg: signing failed: secret key not available (the three are all keys i use). oh my, i said, and ran to the console to check: fishbowl:~> gpg --list-key 330c4a75 gpg: error reading key: public key not found fishbowl:~> gpg --list-keys fishbowl:~> gpg --list-sigs fishbowl:~> and i had at least 1000 public keys in my keyring, and at least 30 signatures on my 330c4a75 key. they are all gone, the keyring is not usable anymore, neither public nor private. and the worst of all: i did not do *anything* than read mailing lists, so the only GPG interaction there is automatic fetching of keys from the keyserver through mutt. for the technologically gifted: fishbowl:~> gpg --homedir .gnupg.corrupt --list-packets 330c4a75 gpg: can't open `330c4a75' otherwise i am clueless! -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] "there are two major products that come out of berkeley: lsd and unix." one caused me an addiction -- fyodor
pgppy8EBU2WXf.pgp
Description: PGP signature
