On Fri, May 27, 2005 at 10:06:12AM +0300, Oskar L. wrote: > "David Shaw" <[EMAIL PROTECTED]> wrote: > > No, it's the other way around. The public key can be created from the > > secret key. What you are seeing with the second self-signature is a > > historical oddity. In the past, keys were generated with two > > different self-signatures - one on the secret key and one on the > > public key. You are just seeing them both. Newer keys are generated > > with a single self signature so you only see one. > > Thanks for your anwser, but I'm a bit confused now about what exactly you > mean by "in the past" and "newer keys", since this is happening even > though I'm using the current version (1.4.1, Debian package), and the > keypair was also generated using the same version.
"Newer keys" is 1.4.2 and later. I'm sorry I didn't make that clear. > "Werner Koch" <[EMAIL PROTECTED]> wrote: > > It has been fixed in the CVS when creating new keys. How only one > > self-signature is created and used verbatim also for the secret key. > > This will go into 1.4.2. > > Will 1.4.2 also be able to fix the signatures on older keys? There is no need to. The extra signature is harmless (it's a signature issued by you, on your own key after all). If it really bothers you, you can use --edit-key and 'delsig' to delete one of them (it doesn't matter which one). I'm working on a general solution for extra signatures and what to do with them, but it's important to note that this is mainly an aesthetic problem. The key will work just fine, and there is no weakness in having extra signatures. Some people just don't like extra signatures, and when you get into things like the Global Directory, you can have a LOT of extra signatures. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
