David Shaw on Thu, 27 Feb 2003 18:41:04 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] GnuPG 1.2.1 trustdb checks for every pubkey import?


On Thu, Feb 27, 2003 at 03:14:17PM -0500, gabriel rosenkoetter wrote:

> Keep in mind David's also having mentioned that he's using a
> development version of GnuPG, and that someone using that nym and
> email address is a GnuPG developer. So if this is some kind of
> plot, it's a pretty elaborate one. (And, who cares if it *is* a
> plot in this circumstance, since, from what I can tell, his advice
> has been correct thus far. I didn't just blindly run the commands
> he suggested, obviously, but I wouldn't do that under any
> circumstances.) Seems more likely to guess that he's using this
> development version of GnuPG with a non-permanent key in case
> something goes wrong.

If it quacks like a duck...

> It'd still be nice to see some cross-signing and propogation of the
> key, though.
> 
> > David, do you have a secret other key? Could you cross sign them?
> 
> And, while you're at it, send it off to the pgp.net servers,
> brokeness of pks not-with-standing?

I would if I could.  Unfortunately, most of the keyservers are still
running pks 0.9.5 or earlier which can't handle more than one subkey -
and mangles the key if you try.  I fixed pks to at least ignore any
additional subkeys in pks 0.9.6, but not all of the keyservers have
upgraded yet.

David

Attachment: pgpZIrogwsjhh.pgp
Description: PGP signature