Odd GPG stuff

Jeffrey F. Bloss jbloss at tampabay.rr.com
Thu Mar 29 19:16:19 UTC 2007


Scott Lockwood wrote:

> First, if this is not related to useing Feisty, I appologize. This is my
> first though because, I never noticed the problem before upgrading from
> 6.10 to feisty.
> 
> Almost all of the messages that are signed that hit the list come up
> with a Red blob on a square grey background, and black text that is
> backlit yellow that says "Valid Signature, cannot verify sender"
> 
> I have imported the keys from the people who I get this message with,
> and emailed one of the users who's messages show up this way, to let him

No need to stand on ceremony, that user was me. :)

I had originally created a key with an expiry and then changed it
rather than generating fresh keys (had my reasons for doing this bad
thing at the time), and I assumed the problem was a stray old version.

Could you verify that the key you have now is set to expire "never"?

> know that his key was expired, but even after importing the correct keys
> (via 'gpg --recv-keys XXXXXXXX' for example) I still see the message
> that the key cannot be verified. I even tried signing the key with my
> key, no joy. Anyone see this before?

This is starting to sound like an Evolution issue... either Evolution
"mis-flagging" good signatures from not fully trusted keys, or somehow
picking up on keys signed with other keys that have expired. You can
sign a key without assigning ultimate trust, and make a key trusted
without signing it. Doing either one arbitrarily is unwise. ;)

Trust can also be "inherited" from the owner trust assigned to various
signing keys, but the two are not synonymous nor is it an either/or
proposition. There's varying degrees of trust and owner trust that may
be "confusing" Evolution.

It *almost* sounds to me like Evolution has made some sort of policy
change that conflicts with a minor variation in the way you or your
"system" is managing keys. Check your own to make sure you haven't
managed to set some owner trust level less than Ultimate on your own
keys, for example.

If you could manually save and verify a problem message with the "double
verbose" switches set it might give some more clues too...

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo------------------------------[ Groucho Marx ]---
                    http://wrench.homelinux.net/~jeff/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070329/c12f3214/attachment.pgp>


More information about the ubuntu-users mailing list