swox pgp keys
Torbjorn Granlund
tege@swox.com
08 Jan 2003 19:38:17 +0100
nisse@lysator.liu.se (Niels Möller) writes:
I have trouble verifying the signature that accompanies gmp-4.1.2. I
get
$ gpg --verify gmp-4.1.2.tar.gz.asc gmp-4.1.2.tar.gz
gpg: Warning: using insecure memory!
gpg: Signature made Tue Dec 31 07:16:43 2002 CET using DSA key ID 769AFE02
gpg: requesting key 769AFE02 from wwwkeys.us.pgp.net ...
gpg: key 769AFE02: public key imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: Good signature from "Swox AB (Software signing key 2002) <info@swox.com>"
Could not find a valid trust path to the key. Let's see whether we
can assign some missing owner trust values.
No path leading to one of our keys found.
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
gpg: Fingerprint: 6BAD 345C 629D 638B E4D7 2E13 FCBD DBD5 769A FE02
I have personally exchanged keys with Torbjörn, so I'm reasonably
confident that the key
$ gpg --list-sigs tege
gpg: Warning: using insecure memory!
pub 1024R/16B7193D 2002-03-02 Torbjorn Granlund <tege@swox.com>
sig 16B7193D 2002-03-02 Torbjorn Granlund <tege@swox.com>
sig A8F4C2FD 2002-03-08 Niels Möller <nisse@lysator.liu.se>
belongs to Torbjörn. I think it's reasonably to expect the keys for
tege@swox and info@swox to sign each other.
Well, of course I should sign it. Unfortunately, I used pgp
to generate my keys, which we no longer have installed. I
have tried using gpg 1.2.1, but I cannot get that to work
properly.
1) First imported my pgp keys. When trying to sign with
gpg, it then insisted on using IDEA which our gpg build
does not support.
2) Attemtped to generate new gpg keys. It hangs forever,
saying it needs 300 more bytes. It doesn't seem to accept
keyborad input for more entropy.
At this point, I give up.
--
Torbjörn