Bill Jonas on Sun, 14 Apr 2002 08:50:11 +0200



Re: [PLUG] key-signing Thursday?


On Sat, Apr 13, 2002 at 11:40:34PM -0400, gabriel rosenkoetter wrote:
> I haven't taken the time to track it down, but since it seems to be
> reproducible, maybe we should make something of a group effort and
> at least send a bug report if not a patch.

Trust calculation.  I noticed that a key I've signed takes much longer
to validate than that of someone whose key I haven't signed.  Assuming
you're using mutt, you can verify for yourself by hitting ^C after a
couple seconds (after it should've had enough time to validate the
signature itself).  Instead of getting something like the following
(with or without the warning):

gpg: Signature made Sat Apr 13 23:40:34 2002 EDT using DSA key ID 0CF9091A
gpg: Good signature from "gabriel rosenkoetter <gr@eclipsed.net>"
gpg:                 aka "gabriel rosenkoetter <rosenkoetter@pobox.com>"
gpg:                 aka "gabriel rosenkoetter <gr@cs.swarthmore.edu>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
gpg: Fingerprint: 1175 C547 F847 8340 AC62  6C20 F5E8 5A70 0CF9 091A

It'll look like:

gpg: Signature made Sat Apr 13 23:40:34 2002 EDT using DSA key ID 0CF9091A
gpg: Good signature from "gabriel rosenkoetter <gr@eclipsed.net>"
gpg:                 aka "gabriel rosenkoetter <rosenkoetter@pobox.com>"
gpg:                 aka "gabriel rosenkoetter <gr@cs.swarthmore.edu>"

gpg: some signal caught ... exiting

The effect is especially pronounced on a slower machine (like my
dual-CPU SPARC 10).  One solution is to use the always-trust option.
Just put "always-trust" in your ~/.gnupg/options, and validations will
only take a couple of seconds (or less if you have a faster machine).
The problem with this approach, besides losing trust-checking, is that
now the output looks like this:

gpg: Signature made Sat Apr 13 23:40:34 2002 EDT using DSA key ID 0CF9091A
gpg: Good signature from "gabriel rosenkoetter <gr@eclipsed.net>"
gpg:                 aka "gabriel rosenkoetter <rosenkoetter@pobox.com>"
gpg:                 aka "gabriel rosenkoetter <gr@cs.swarthmore.edu>"
gpg: WARNING: Using untrusted key!

As for what's going into the next version, I don't follow GnuPG
development, but the man page for version 1.0.6 has this nugget:

       --no-expensive-trust-checks
                 Experimental use only.

-- 
Bill Jonas    *    bill@billjonas.com    *    http://www.billjonas.com/

Developer/SysAdmin for hire!   See http://www.billjonas.com/resume.html
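
The three gpg outputs quoted in the message above all contain "Good signature", yet they say different things about the key. The following is an added example, not part of the original message and not GnuPG code: a small classifier that separates the signature result from the trust result. The state names, the function names and the BAD-signature sample are assumptions made for illustration; the other sample lines are shortened copies of the output quoted above.

```python
import re

# Message strings as they appear in the gpg output quoted in the message.
GOOD = re.compile(r'^gpg: Good signature from "(.+)"$', re.M)
UNCERTIFIED = "gpg: WARNING: This key is not certified with a trusted signature!"
BYPASSED = "gpg: WARNING: Using untrusted key!"   # printed under always-trust
INTERRUPTED = "gpg: some signal caught"            # ^C during trust calculation

def classify(output):
    """Return (signer, state); state names are hypothetical labels."""
    m = GOOD.search(output)
    if not m:
        return (None, "bad-or-missing-signature")
    signer = m.group(1)
    if INTERRUPTED in output:
        # The signature verified, but the trust calculation never finished.
        return (signer, "trust-check-interrupted")
    if BYPASSED in output:
        # always-trust: key validity was not evaluated at all.
        return (signer, "trust-check-bypassed")
    if UNCERTIFIED in output:
        return (signer, "key-uncertified")
    return (signer, "no-trust-warning")

def acceptable(output):
    """Assumed policy: a good signature alone is not enough to accept."""
    return classify(output)[1] == "no-trust-warning"

HEAD = (
    'gpg: Signature made Sat Apr 13 23:40:34 2002 EDT using DSA key ID 0CF9091A\n'
    'gpg: Good signature from "gabriel rosenkoetter <gr@eclipsed.net>"\n'
    'gpg:                 aka "gabriel rosenkoetter <rosenkoetter@pobox.com>"\n'
)
SAMPLES = {
    "finished, uncertified": HEAD + UNCERTIFIED + "\n",
    "finished, no warning": HEAD,
    "interrupted with ^C": HEAD + "\ngpg: some signal caught ... exiting\n",
    "always-trust": HEAD + BYPASSED + "\n",
    # Constructed sample, not from the message:
    "bad signature": 'gpg: BAD signature from "gabriel rosenkoetter <gr@eclipsed.net>"\n',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name:24} {classify(text)[1]:26} accept={acceptable(text)}")
```

The human-readable lines are matched here only because they are what the message shows; for scripted use, gpg's --status-fd output is the interface meant for parsing.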
