[ale] Bad signatures on keys?
arxaaron
arxaaron at gmail.com
Thu Dec 15 18:32:06 EST 2011
On 2011/12/15, at 14:24 , Michael B. Trausch wrote:
> I'm a bit curious, I just did another re-import and then a --check-
> sigs
> and I saw this at the bottom of the output:
>
> 4 bad signatures
> 1945 signatures not checked due to missing keys
>
> I get the missing keys bit, but the 4 bad signatures I thought was a
> little strange, so I looked into it. Seems that bad signatures are
> shown with their lines starting with "sig-" instead of "sig!" in the
> --check-sigs output.
>
> The four bad signatures are (output trimmed, they're all on Mike
> Warfield's key and the list is massively huge):
>
> pub 1024R/DF1DD471 1994-04-28
> uid Michael H. Warfield <mhw at WittsEnd.com>
> sig- DF1DD471 1998-04-05 Michael H. Warfield <mhw at WittsEnd.com
> >
>
> uid Michael H. Warfield <mhw at commandcorp.com>
> sig- DF1DD471 1994-04-29 Michael H. Warfield <mhw at WittsEnd.com
> >
> sig-3 DF1DD471 2002-10-14 Michael H. Warfield <mhw at WittsEnd.com
> >
> sig-3 5DEA789B 2011-12-09 David Tomaschik <david at systemoverlord.com
> >
>
> So, three of the bad signatures on key df1dd471 are from key df1dd471
> and one of the bad signatures is from key 5dea789b, am I understanding
> that correctly?
>
> Also, why is it that David's key shows an invalid signature for the
> mhw at commandcorp.com uid, but not for any of the other uids on that
> key?
>
> Is there a possibility that something is funky with my
> (brand-spanking-new!) GPG database, somehow?
>
> --- Mike
hmmmm.... did a --refresh-keys earlier and it didn't report any errors:
gpg: Total number processed: 24
gpg: unchanged: 4
gpg: new user IDs: 2
gpg: new signatures: 1679
gpg: no ultimately trusted keys found
Though I don't understand the last line about
"no ultimately trusted keys found"
running --check-sigs just now showed 5 bad sigs, though...
5 bad signatures
1922 signatures not checked due to missing keys
peace
aaron
More information about the Ale
mailing list