libreboot
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libreboot] GNU Libreboot, version 20160818 released

From: Guilhem Moulin
Subject: Re: [Libreboot] GNU Libreboot, version 20160818 released
Date: Wed, 31 Aug 2016 02:15:52 +0200
User-agent: NeoMutt/ (1.7.0) 
On Tue, 30 Aug 2016 at 09:58:51 +0100, Leah Rowe wrote:
> Sorry about that. I think I did sign it with the same key. I've signed
> it truly with the gluglug key now. This is what I did:
> gpg --edit-key address@hidden
> sign
> quit
> 
> Then I pushed it using:
> gpg --keyserver pgp.mit.edu --send-key 05E8C5B2
> gpg --keyserver keys.gnupg.net --send-key 05E8C5B2
> 
> Is this OK?

Sorry to insist, but it looks like it's not :-P  For instance the key
found on pgp.mit.edu has no signature other than its own (selfsig):

    https://pgp.mit.edu/pks/lookup?op=vindex&search=0x969A979505E8C5B2

which you can probably confirm locally by running

    ~$ gpg --list-sigs --with-colons 969A979505E8C5B2 | \
       grep -E '^sig:([^:]*:){3}FF45B74CF9D1CF94:'

(An empty output means it doesn't have any signature from long key ID
FF45B74CF9D1CF94.)

This might be due to the fact that your gpg(1) command is ambiguous.  On
the other hand this one isn't:

    ~$ gpg --local-user FF45B74CF9D1CF94 --sign-key 969A979505E8C5B2
    ~$ gpg --keyserver hkp://pool.sks-keyservers.net --send-key 969A979505E8C5B2

Hope this helps
Cheers,
-- 
Guilhem.

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]