Hi, * Georgi Guninski <guninski@guninski.com> wrote: > i am not sure --check-sigs will fix this. I am pretty sure that check-sigs will not fix this :) > the keyring contains the colliding ID pub key and according to my tests > --check-sigs works too on ubuntu - the signatures are correct and the keys > are present. What do you mean by "works too on ubuntu"? When called with --list-sigs, the output is the same as when gpg is called with --check-sigs, just an exclamation mark is added: $ gpg --no-default-keyring --keyring ./ubuntu-archive-keyring.gpg --with-colons --list-sigs DB046AD3 | grep -v pub [...] sig:::17:8B56ED98DB046AD3:2011-09-21::::ubun1 <ubun1@aaaaaaa>:13x: sig:::17:8B56ED98DB046AD3:2011-09-21::::ubun1 <ubun1@aaaaaaa>:18x: $ gpg --no-default-keyring --keyring ./ubuntu-archive-keyring.gpg --with-colons --check-sigs DB046AD3 | grep -v pub [...] sig:!::17:8B56ED98DB046AD3:2011-09-21::::ubun1 <ubun1@aaaaaaa>:13x: sig:!::17:8B56ED98DB046AD3:2011-09-21::::ubun1 <ubun1@aaaaaaa>:18x: This suggests that it makes no difference whether gpg is called with list-sigs or check-sigs here. Regards, - Alex
Attachment:
pgpsy7spj6tK6.pgp
Description: PGP signature