When I import piotr-old.pubkey I can not encrypt with it apparently because the
key seems to be damaged. When I import piotr.pubkey later on the key does not
change and encryption still does not work. However when I delete ~/.gnupg and
then import piotr.pubkey then it works. If gnupg does not check a key for
corruption prior to importing it I would consider this to be a high priority
security issue. Otherwise it will still be painful as Piotr will need to issue
another identity because updating that key would not work for a gnupg based
keyserver for him.
Description
Details
- Version
- 1.4.12
Event Timeline
As I am not sure how to attach files to this report I have uploaded them here:
http://www.elstel.org/uploads/gnupg/
1.4.12 is heavily outdated (from 2012). Please update to 1.4.20 or at least
1.4.19 and check again.
Sorry, I can't see any problem here.
The "priotr-old" key is actually the newer key because an expiration date was
added to that copy of the key (2012-07-09) and that key has meanwhile expired.
Thus you can't encrypt using this key.
When you import the "piotr" key that is actually the same key but w/o the update
with the expiration date. Thus gpg does not chnage the exiting in key because
the existing key has a newer self-signature (where the expiration date is
stored) than the new key. So nothing changes, which is correct.
If you delete the .gnupg directory you don't have the newer key and by importing
the key w/o the expiration date you can encrypt to that key.