PGP 2.x/GnuPG compatibility problems
I originally posted this on the GnuPG mailing list and recieved no reply. Hopefully some debian
security buffs can help me with this.
I am having problems veryifing some keys signed with a key generated
The key wasn't self-signed originally. I was able to import it using
And i convinced the key owner to self sign it so I now have a
However any keys that he has signed I can't use. When I try and encrypt
to these keys I get the following error:
jackal:~$ gpg -ea -r bunglon test.txt
gpg: bunglon: skipped: unusable public key
gpg: test.txt: encryption failed: unusable public key
I have given full trust to the original signing key.
Using PGP 6.5.8 I get a similar error:
Key for user ID: bunglon <firstname.lastname@example.org>
1024-bit RSA key, Key ID 0xB5DDA201, created 1999/07/21
WARNING: Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key
actually belongs to: "bunglon <email@example.com>".
Are you sure you want to use this public key (y/N)?
However using PGP 6.0.2i on windows I have no such problems.
Checking the signature gives the following:
jackal:~$ gpg --check-sigs bunglon
pub 1024R/B5DDA201 1999-07-21 bunglon <firstname.lastname@example.org>
sig- 69FC1101 1999-07-21 kholil <email@example.com>
I assume the "-" means the signature is invalid. I have hunted the docs for info
about this but found nothing.
So, is this a bug or am I doing something wrong?
public key available at http://www.minihub.org/~iain/iain.asc