gabriel rosenkoetter on Thu, 27 Feb 2003 15:15:04 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] GnuPG 1.2.1 trustdb checks for every pubkey import?


On Thu, Feb 27, 2003 at 02:21:43PM -0500, Jeff Abrahamson wrote:
> This advice *sounds* good, but is bothersome in its own way because
> Mutt says
> 
>   gpg: Signature made Thu 27 Feb 2003 01:12:16 PM EST using DSA key ID 49E1CBC9
>   gpg: Can't check signature: public key not found
> 
> Moreover,
> 
> jeff@asterix:Mutt $ gpg --list-sigs |grep  49E1CBC9      
> jeff@asterix:Mutt $ gpg --list-sigs |grep  -i shaw
> sig 2   P   99242560 2002-11-09   David M. Shaw <dshaw@jabberwocky.com>
[...]
> jeff@asterix:Mutt $ gpg --recv-keys 49E1CBC9
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> jeff@asterix:Mutt $ 

What keyservers have you tried?

David's key isn't in www{,.us}.pgp.net nor in keyserver.kjsl.com
(which I've switched over to because it handles multiple subkeys
and multiple self-signatures properly... or claims to, anyway; this
from http://keyserver.kjsl.com/~jharris/keyserver.html).

I'm hoping David's (new?) key is in ldap://keys.pgp.com, which he's
referenced before, but it doesn't synchronize with anything and
NetBSD's pkgsrc version of GnuPG doesn't build the gpgkeys_ldap
utility because of broken Makefile logic that I haven't fixed yet,
so...

Keep in mind David's also having mentioned that he's using a
development version of GnuPG, and that someone using that nym and
email address is a GnuPG developer. So if this is some kind of
plot, it's a pretty elaborate one. (And, who cares if it *is* a
plot in this circumstance, since, from what I can tell, his advice
has been correct thus far. I didn't just blindly run the commands
he suggested, obviously, but I wouldn't do that under any
circumstances.) Seems more likely to guess that he's using this
development version of GnuPG with a non-permanent key in case
something goes wrong.

It'd still be nice to see some cross-signing and propogation of the
key, though.

> David, do you have a secret other key? Could you cross sign them?

And, while you're at it, send it off to the pgp.net servers,
brokeness of pks not-with-standing?

Also, while we're rambling, Jeff, you and I really need to sign
each others' keys at some point. I think you're the only regular
OpenPGP user on PLUG about whom I *still* get a warning... :^>

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpBthQwj13m3.pgp
Description: PGP signature