[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

PGP 2.x/GnuPG compatibility problems

I originally posted this on the GnuPG mailing list and recieved no reply. Hopefully some debian
security buffs can help me with this.

I am having problems veryifing some keys signed with a key generated
with pgp2.6ui

The key wasn't self-signed originally. I was able to import it using

And i convinced the key owner to self sign it so I now have a
self-signed version.

However any keys that he has signed I can't use. When I try and encrypt
to these keys I get the following error:

jackal:~$ gpg -ea -r bunglon test.txt
gpg: bunglon: skipped: unusable public key
gpg: test.txt: encryption failed: unusable public key

I have given full trust to the original signing key.

Using PGP 6.5.8 I get a similar error:

Key for user ID: bunglon <bunglon@spore.isai.or.id>
1024-bit RSA key, Key ID 0xB5DDA201, created 1999/07/21
WARNING:  Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key
actually belongs to: "bunglon <bunglon@spore.isai.or.id>".

Are you sure you want to use this public key (y/N)?

However using PGP 6.0.2i on windows I have no such problems.

Checking the signature gives the following:

jackal:~$ gpg --check-sigs bunglon
pub  1024R/B5DDA201 1999-07-21 bunglon <bunglon@spore.isai.or.id>
sig-       69FC1101 1999-07-21  kholil <kholil@minihub.org>

I assume the "-" means the signature is invalid. I have hunted the docs for info
about this but found nothing.

So, is this a bug or am I doing something wrong?

Please help,


public key available at http://www.minihub.org/~iain/iain.asc

Reply to: