Re: Corrupt keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alphax wrote: > Recently, I discovered the following message on GPG startup: > > gpg: signature packet without timestamp > More fun: gpg: buffer shorter than subpacket gpg: buffer shorter than subpacket gpg: signature packet without keyid gpg: buffer shorter than subpacket gpg: buffer shorter than subpacket gpg: buffer shorter than subpacket gpg: signature packet without keyid gpg: buffer shorter than subpacket I'm guessing these are from the infamous "PGP Global Directory Verification Key". Fortunately, I have a "clean" copy of this key - it has about 3 sigs on it, as opposed to the current 500+. Actually, I'd be interested to hear who has a non-corrupt copy of this key, and how many sigs are on it (please make public, so we can all share it!). Oh, and why does this list not automagically set the Reply-to header? - -- Alphax OpenPGP key: 0xF874C613 - http://tinyurl.com/cc9up http://en.wikipedia.org/wiki/User:Alphax There are two kinds of people: those who say to God, 'Thy will be done,' and those to whom God says, 'All right, then, have it your way.' - C. S. Lewis -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCt9RV/RxM5Ph0xhMRAtrPAJ4syutqplm0d4PFDKAYZydeKVPbdgCggFxm jd2HfTmJHj9zOV2xM5tFye8= =L7Md -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Corrupt keys
On Tuesday 21 June 2005 9:48 am, Alphax wrote: > Fortunately, I have a "clean" copy of this key as does subkeys.pgp.net - it was retrieved automatically and without spurious signatures or errors. > - it > has about 3 sigs on it, gpg --list-sigs 0xF874C613 pub 1024D/F874C613 2005-04-28 uid Alphax <[EMAIL PROTECTED]> sig 97394664 2005-05-23 [User ID not found] sig 3F874C613 2005-04-29 Alphax <[EMAIL PROTECTED]> sig 1 PC521097E 2005-05-05 [User ID not found] sig 1 P9C851DF1 2005-05-05 [User ID not found] uid Andrew Cranwell (Alphax) <[EMAIL PROTECTED]> sig 97394664 2005-05-23 [User ID not found] sig 3F874C613 2005-04-28 Alphax <[EMAIL PROTECTED]> sig 1 PC521097E 2005-05-05 [User ID not found] uid Andrew Cranwell <[EMAIL PROTECTED]> sig 97394664 2005-05-23 [User ID not found] sig 3F874C613 2005-04-29 Alphax <[EMAIL PROTECTED]> sig 1 PC521097E 2005-05-05 [User ID not found] sub 2048g/51E09049 2005-04-28 sig F874C613 2005-04-28 Alphax <[EMAIL PROTECTED]> > as opposed to the current 500+. Delete the key from your keyring, retrieve it from subkeys.pgp.net and change your keyserver preference. > Actually, I'd be > interested to hear who has a non-corrupt copy of this key, and how many > sigs are on it (please make public, so we can all share it!). > > Oh, and why does this list not automagically set the Reply-to header? Because it's sensible and uses decent headers like List-Id. :-) -- Neil Williams = http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/ pgpsUTuj9gfFI.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Corrupt keys
On Tuesday, June 21, 2005, 12:04:38 PM, Neil wrote: >> Fortunately, I have a "clean" copy of this key > > as does subkeys.pgp.net - it was retrieved automatically and without > spurious signatures or errors. I guess he's talking about the PGP Global Directory key (0xCA57AD7C). Regards, Mark Kirchner -- _ Key (0x172C073C): http://www.mark-kirchner.de/keys/key-mk.asc pgpKdXyaee297.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
How to import a secret subkey?
I recently created a new subkey for a keypair that I use on two machines, but I cannot get the subkey onto the second machine. I have tried gpg --export, --export-secret and --export-secret-subkey on the first computer but gpg --import refuses to add the subkey on the second one. How can I do this? Thanks, Adam ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to import a secret subkey?
On Tue, Jun 21, 2005 at 10:44:40AM +0100, Adam Funk wrote: > I recently created a new subkey for a keypair that I use on two > machines, but I cannot get the subkey onto the second machine. I have > tried gpg --export, --export-secret and --export-secret-subkey on the > first computer but gpg --import refuses to add the subkey on the second > one. > > How can I do this? You can't. GnuPG does not currently support merging secret subkeys. To do it, you need to delete the secret key on the second machine and re-import the whole key. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[Announce] Second release candidate for GnuPG 1.4.2 available
Hi! We are pleased to announce the availability of a second release candidate for the forthcoming 1.4.2 version of GnuPG: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.4.2rc2.tar.bz2 (28Mk) ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.4.2rc2.tar.bz2.sig Alternatively a patch against the first release candidate may be downloaded from the same directory: gnupg-1.4.2rc1-1.4.2rc2.diff.bz2 (228k) A binary version build for Microsoft Windows is available at: ftp://ftp.gnupg.org/gcrypt/alpha/binary/gnupg-w32cli-1.4.2rc2.exe (1.4M) ftp://ftp.gnupg.org/gcrypt/alpha/binary/gnupg-w32cli-1.4.2rc2.exe.sig Please try it out and report any problems to the gnupg-devel or gnupg-users list (http://www.gnupg.org/documentation/mailing-lists.html). Checksums are: 42f045f7704989a07a0703885ae2d6c9d56f3bfe gnupg-1.4.2rc2.tar.bz2 1ddb8a0edeaef9c48ef7dd2bdbe191c9e01a973d gnupg-1.4.2rc1-1.4.2rc2.diff.bz2 369fd17452f788e0f290a56a0888a3525b7d58c9 gnupg-w32cli-1.4.2rc2.exe Noteworthy changes since 1.4.1: * New command "verify" in the card-edit menu to display the Private-DO-3. The Admin command has been enhanced to take the optional arguments "on", "off" and "verify". The latter may be used to verify the Admin Pin without modifying data; this allows displaying the Private-DO-4 with the "list" command. * Rewrote large parts of the card code to optionally make use of a running gpg-agent. If --use-agent is being used and a gpg-agent with enabled scdaemon is active, gpg will now divert all card operations to that daemon. This is required because both, scdaemon and gpg require exclusive access to the card reader. By delegating the work to scdaemon, both can peacefully coexist and scdaemon is able to control the use of the reader. Note that this requires at least gnupg 1.9.17. * Fixed a couple of problems with the card reader. * Command completion is now available in the --edit-key and --card-edit menus. Filename completion is available at all filename prompts. Note that completion is only available if the system provides a readline library. * New experimental HKP keyserver helper that uses the cURL library. It is enabled via the configure option --with-libcurl like the other (also experimental) cURL helpers. * New key cleaning options that can be used to remove unusable (expired, revoked) signatures from a key. This is available via the new "clean" command in --edit-key on a key by key basis, as well as via the import-clean-sigs/import-clean-uids and export-clean-sigs/export-clean-uids options for --import-options and --export-options. These are currently off by default, and replace the import-unusable-sigs/export-unusable-sigs options from version 1.4.1. Translators may use this release to update the PO files for inclusion in 1.4.2. See doc/TRANSLATE. Happy Hacking, David, Timo, Werner -- Werner Koch <[EMAIL PROTECTED]> The GnuPG Expertshttp://g10code.com Free Software Foundation Europe http://fsfeurope.org Join the Fellowship and protect your Freedom!http://www.fsfe.org pgp2CcsD2EM5d.pgp Description: PGP signature ___ Gnupg-announce mailing list [EMAIL PROTECTED] http://lists.gnupg.org/mailman/listinfo/gnupg-announce ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Corrupt keys
On Tue, Jun 21, 2005 at 11:04:38AM +0100, Neil Williams wrote: > On Tuesday 21 June 2005 9:48 am, Alphax wrote: > > Fortunately, I have a "clean" copy of this key > as does subkeys.pgp.net - it was retrieved automatically and without spurious > signatures or errors. Neil, you must have hit keyserver.kjsl.com; the rest of the servers in subkeys.pgp.net are SKS (1.0.9) and don't (yet) filter these bogus packets. > > Actually, I'd be > > interested to hear who has a non-corrupt copy of this key, and how many > > sigs are on it (please make public, so we can all share it!). After retrieving it from keyserver.kjsl.com to an empty keyring: %gpg --check-sigs CA57AD7C pub 2048R/CA57AD7C 2004-12-06 uid PGP Global Directory Verification Key sig! CA57AD7C 2005-04-04 PGP Global Directory Verification Key sig! CA57AD7C 2004-12-06 PGP Global Directory Verification Key 458 signatures not checked due to missing keys -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? [EMAIL PROTECTED] _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 pgpqMVUib3tOF.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Corrupt keys
On Tuesday 21 June 2005 6:38 pm, Jason Harris wrote: > On Tue, Jun 21, 2005 at 11:04:38AM +0100, Neil Williams wrote: > > On Tuesday 21 June 2005 9:48 am, Alphax wrote: > > > Fortunately, I have a "clean" copy of this key > > > > as does subkeys.pgp.net - it was retrieved automatically and without > > spurious signatures or errors. > > Neil, you must have hit keyserver.kjsl.com; the rest of the servers > in subkeys.pgp.net are SKS (1.0.9) and don't (yet) filter these bogus > packets. It wasn't a keyserver issue, I was under the impression the problem was the key being used to sign the messages: 0xF874C613 whereas you are looking at 0xCA57AD7C. > %gpg --check-sigs CA57AD7C > 458 signatures not checked due to missing keys -- Neil Williams = http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/ pgpzjljT5xHcU.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
