Release: 1.2.4

Environment

powerpc-linux

Description

Hi,

on my key

pub 1024D/5706A4B4 2002-02-26 Simon Richter <Simon.Richter@hogyros.de>

Key fingerprint = 040E B5F7 84F1 4FBC CEAD  ADC6 18A0 CC8D 5706 A4B4

uid Simon Richter <sjr@debian.org>
uid Simon Richter <Simon.Richter@fs.tum.de>
uid Simon Richter <Simon.Richter@in.tum.de>
uid Simon Richter <Simon@riseofdarkness.de>
uid Simon Richter <simon@earplugs-recommended.de>
uid Simon RICHTER
uid リヒター・シィモン
sub 1024g/A24C5E26 2002-02-26 [expires: 2003-02-26]
sub 1024g/9841B52F 2003-03-10 [expires: 2004-03-09]
sub 1024g/AB83352B 2004-01-11 [expires: 2005-03-09]

there is an additional UID "Simon Richter" (note the case) which happens to
be older than the "Simon RICHTER" UID. GnuPG incorrectly decided to merge
these UIDs, attaching all the signatures under the former to the latter UID.
As case matters for the validity of an UID, all these signatures fail to
validate. Keyservers, on the other hand, have a different merging algorithm,
and do not merge the UIDs (which is correct behaviour IMO) and return all
signatures when asked for my key, leading to a long (10 min on a P3/550)
wait when importing the key.

IMO the correct behaviour for GnuPG would be to not merge UIDs that differ
only in case. In order to repair my key, it should also accept such UIDs
back on import and be able to try signatures that fail to validate on other
UIDs as well (as a special "repair mode").

What do you think?

Simon

How To Repeat

gpg --keyserver wwwkeys.pgp.net --recv-keys 5706a4b4
gpg --keyserver wwwkeys.pgp.net --recv-keys 5706a4b4

(the bug is triggered while merging the result of the second query)

Fix

Unknown