keystuff, WAS Keys of Silvester and Peter
At 10:55 +0100 2/23/01, S.M. Claassen wrote:
>Hi, gang,
>
>On Fri, 23 Feb 2001, Peter van Rossum wrote:
>
>> . . .
>> On Fri, Feb 23, 2001 at 10:05:57AM +0100, Paul Slootman wrote:
>> > I found your (and Joost's) signature on my key at wwwkeys.de.pgp.net;
>>
>> Yes, wwwkeys.de.pgp.net now seems to contain all seven keys. It doesn't
>> contain all signatures yet, but at least we're getting somewhere.
>> . . .
>>
>I have yet to make my move from PGP to GPG and have signed all the keys of
>last night's participants and manually exported each via PGP using the
>webinterface at www.keyserver.net (which in our case translates to
>belgium.keyserver.net). Thanks to Joost for explicitly posting my pub
>key. I have no idea what the update cycles are between
>the various keyserver systems but I believe we have to exercise some
>patience on this count.
Patience is probably the answer.
For the impatiened:
When did Peter (key created: 2001-02-12 ) and/or Sil ( key created:
2001-01-24 )
UPload the first time to a keyserver?
I created mine at februari 14 and UPload the same day to wwwkeys.nl.pgp.net.
( notice the _nl_ )
>
>A note of interest: my signature as viewed via the webinterface at
>www.keyserver.net appears _twice_ on the keys of Paul van T. and
>Geert. Could you both check if this phenomenon appears locally, too? If
>so I'm going to have to file a report through the appropriate BTS ;->
>
Please look this screencapture with comments
and my theory at the end.
$ gpg --recv-key 8D8270C4
gpg: requesting key 8D8270C4 from wwwkeys.nl.pgp.net ...
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
stappers@xl:~
$ gpg --recv-key 876B252F
gpg: requesting key 876B252F from wwwkeys.nl.pgp.net ...
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
stappers@xl:~
# that was last night
# this morning Peter said he did an explicied upload tho www.nl.keys.....net
$ gpg --recv-key 876B252F # so try it again
gpg: requesting key 876B252F from wwwkeys.nl.pgp.net ...
gpg: key 876B252F: public key imported
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
gpg: Total number processed: 1
gpg: imported: 1
# yes, got it
stappers@xl:~
$ gpg --sign-key 876B252F # sign it
pub 1024D/876B252F created: 2001-02-12 expires: never trust: -/q
sub 1024g/4CE45524 created: 2001-02-12 expires: never
(1) Peter van Rossum <petervr@sci.kun.nl>
pub 1024D/876B252F created: 2001-02-12 expires: never trust: -/q
Fingerprint: 0A8B DC57 8340 AC3B 4D20 46C7 623E 49E0 876B 252F
Peter van Rossum <petervr@sci.kun.nl>
Are you really sure that you want to sign this key
with your key: "Geert Stappers (GSt) <stappers@knoware.nl>"
Really sign? y
You need a passphrase to unlock the secret key for
user: "Geert Stappers (GSt) <stappers@knoware.nl>"
1024-bit DSA key, ID 5511798F, created 2001-02-14
gpg: Invalid passphrase; please try again ...
# yes it is a though one
You need a passphrase to unlock the secret key for
user: "Geert Stappers (GSt) <stappers@knoware.nl>"
1024-bit DSA key, ID 5511798F, created 2001-02-14
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
stappers@xl:~
$ gpg --recv-key 5511798F # get an updated version of my Public Key
gpg: requesting key 5511798F from wwwkeys.nl.pgp.net ...
gpg: key 5511798F: 5 new signatures
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
gpg: Total number processed: 1
gpg: new signatures: 5
stappers@xl:~
$ gpg --list-signs 5511798F # who did sign it?
gpg: Invalid option "--list-signs"
stappers@xl:~
$ gpg --help | grep list
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
--list-keys list keys
--list-sigs list keys and signatures
--fingerprint list keys and fingerprints
--list-secret-keys list secret keys
--list-packets list only the sequence of packets
--keyring add this keyring to the list of keyrings
--secret-keyring add this secret keyring to the list
(See the man page for a complete listing of all commands and options)
--list-keys [names] show keys
stappers@xl:~
$ gpg --list-sigs 5511798F # from who are the sigs
pub 1024D/5511798F 2001-02-14 Geert Stappers (GSt) <stappers@knoware.nl>
sig 5511798F 2001-02-14 Geert Stappers (GSt) <stappers@knoware.nl>
sig 969457F0 2001-02-22 Joost van Baal <joostvb@xs4all.nl>
sig 50064181 2001-02-22 Paul van Tilburg <paul@donald-duck.ele.tue.nl>
sig 876B252F 2001-02-22 Peter van Rossum <petervr@sci.kun.nl>
sig B4D6DE13 2001-02-23 Paul Slootman <paul@debian.org>
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
sig 8D8270C4 2001-02-23 [User id not found]
sub 1024g/882BB74F 2001-02-14
sig 5511798F 2001-02-14 Geert Stappers (GSt) <stappers@knoware.nl>
# 8D8270C4 corresponds with Sil's key slip
stappers@xl:~
$ gpg --recv-key 8D8270C4 # try to fetch it
gpg: requesting key 8D8270C4 from wwwkeys.nl.pgp.net ...
gpg: key 8D8270C4: public key imported
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
gpg: Total number processed: 1
gpg: imported: 1
# gotta one
stappers@xl:~
$ gpg --sign-key 8D8270C4 # begin signing
pub 1024D/8D8270C4 created: 2001-01-24 expires: never trust: -/q
sub 1024g/8D037B76 created: 2001-01-24 expires: never
(1) S.M. Claassen <S.M.Claassen@stalemate.nl>
pub 1024D/8D8270C4 created: 2001-01-24 expires: never trust: -/q
Fingerprint: E666 33B1 6A09 5CB6 E4A7 4032 CBF3 A80A 8D82 70C4
S.M. Claassen <S.M.Claassen@stalemate.nl>
Are you really sure that you want to sign this key
with your key: "Geert Stappers (GSt) <stappers@knoware.nl>"
Really sign? y # it is from Silvester
You need a passphrase to unlock the secret key for
user: "Geert Stappers (GSt) <stappers@knoware.nl>"
1024-bit DSA key, ID 5511798F, created 2001-02-14
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
stappers@xl:~
$ gpg --list-sigs 5511798F # take an other look at the sigs
pub 1024D/5511798F 2001-02-14 Geert Stappers (GSt) <stappers@knoware.nl>
sig 5511798F 2001-02-14 Geert Stappers (GSt) <stappers@knoware.nl>
sig 969457F0 2001-02-22 Joost van Baal <joostvb@xs4all.nl>
sig 50064181 2001-02-22 Paul van Tilburg <paul@donald-duck.ele.tue.nl>
sig 876B252F 2001-02-22 Peter van Rossum <petervr@sci.kun.nl>
sig B4D6DE13 2001-02-23 Paul Slootman <paul@debian.org>
sig 8D8270C4 2001-02-23 S.M. Claassen <S.M.Claassen@stalemate.nl>
sub 1024g/882BB74F 2001-02-14
sig 5511798F 2001-02-14 Geert Stappers (GSt) <stappers@knoware.nl>
gpg: skipping pubkey 1: already loaded
gpg: skipping pubkey 2: already loaded
# I do hope Joop came home savely....
stappers@xl:~
$
stappers@xl:~
$
My theory:
Sil's key is signed when my updated key was already signed by Sil,
that is why Silvester sees two sigs by my.
I imagine PGP/GPG/Privacy-keys as a rope,
the more fibres, the stronger it becomes...
By the way:
Any hints how I can get ride of the anioning
"gpg: skipping pubkey n: already loaded" messages?
In fact, there is also a "gpg: skipping pubkey 3: already loaded"...
Groet Geert Stappers
---------------------
Hit the right key to continue
-
Mail to debdev-request@info.cistron.nl to subscribe/unsubscribe
Reply to: