swox pgp keys

Torbjorn Granlund tege@swox.com
08 Jan 2003 19:38:17 +0100

nisse@lysator.liu.se (Niels Möller) writes:

  I have trouble verifying the signature that accompanies gmp-4.1.2. I
    $ gpg --verify gmp-4.1.2.tar.gz.asc gmp-4.1.2.tar.gz
    gpg: Warning: using insecure memory!
    gpg: Signature made Tue Dec 31 07:16:43 2002 CET using DSA key ID 769AFE02
    gpg: requesting key 769AFE02 from wwwkeys.us.pgp.net ...
    gpg: key 769AFE02: public key imported
    gpg: Total number processed: 1
    gpg:               imported: 1
    gpg: Good signature from "Swox AB (Software signing key 2002) <info@swox.com>"
    Could not find a valid trust path to the key.  Let's see whether we
    can assign some missing owner trust values.
    No path leading to one of our keys found.
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    gpg: Fingerprint: 6BAD 345C 629D 638B E4D7  2E13 FCBD DBD5 769A FE02
  I have personally exchanged keys with Torbjörn, so I'm reasonably
  confident that the key
    $ gpg --list-sigs tege
    gpg: Warning: using insecure memory!
    pub  1024R/16B7193D 2002-03-02 Torbjorn Granlund <tege@swox.com>
    sig        16B7193D 2002-03-02  Torbjorn Granlund <tege@swox.com>
    sig        A8F4C2FD 2002-03-08  Niels Möller <nisse@lysator.liu.se>
  belongs to Torbjörn. I think it's reasonably to expect the keys for
  tege@swox and info@swox to sign each other.
Well, of course I should sign it.  Unfortunately, I used pgp
to generate my keys, which we no longer have installed.  I
have tried using gpg 1.2.1, but I cannot get that to work

1) First imported my pgp keys.  When trying to sign with
   gpg, it then insisted on using IDEA which our gpg build
   does not support.

2) Attemtped to generate new gpg keys.  It hangs forever,
   saying it needs 300 more bytes.  It doesn't seem to accept
   keyborad input for more entropy.

At this point, I give up.