[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Silly pgp/gpg revocation certificate. How does one publish one?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks Alexander... I'll definitely check them out. But right now I'm
curious if you know why gpg is calling your detached sig "BAD"??? 

Since I don't know how to get pine to feed detached sigs to gnupg, I
save them to  files... This is what I copied from the konsole screen
buffer. (sequence was verify to extract key ID, paste pub key from server
to file "sig", import sig, verify for effect, and cat for actual content
verification)

 - - - - - - - - -< s n i p >- - - - - - - - - -

jtwdyp -> /home/jtwdyp/com/dnlo
> gpg --verify signature.asc txt
gpg: Signature made Tue 18 May 2004 04:06:38 PM EDT using DSA key ID ED695653
gpg: Can't check signature: public key not found
jtwdyp -> /home/jtwdyp/com/dnlo
> vim sig
jtwdyp -> /home/jtwdyp/com/dnlo
> gpg --import sig
gpg: key ED695653: public key "Alexander Dalloz <alexander dalloz uni-bielefeld de>" imported
gpg: Total number processed: 1
gpg:               imported: 1
jtwdyp -> /home/jtwdyp/com/dnlo
> gpg --verify signature.asc txt
gpg: Signature made Tue 18 May 2004 04:06:38 PM EDT using DSA key ID ED695653
gpg: BAD signature from "Alexander Dalloz <alexander dalloz uni-bielefeld de>"
jtwdyp -> /home/jtwdyp/com/dnlo
> cat signature.asc txt
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQBAqmzO4ZduiO1pVlMRAqO6AJ45cv9jYwjPgjs+LaroGe0wncrEZQCg38Ey
NpgRtCVg8fmyZQgRNixYXBs=
=k44X
- -----END PGP SIGNATURE-----
Am Di, den 18.05.2004 schrieb Joe(theWordy)Philbrook um 21:48:

> So off I went and made me a new key pair. (I remembered having and old
> one that I didn't want to use anymore, (I'm not sure I've kept the
> private key secure enough) But I extracted said disused key pair from
> archive, and imported it to my new gpg ring so I could issue a
> revocation certificate. The GPG docs warn that ANYBODY can publish one
> so to treat it carefully. But I didn't find an obvious how-to on
> revocation...

The net is full with help:

http://www.nmlug.org/faqs/gen-gpg-key.html

http://www.cryptnet.net/fdp/crypto/gpg-party.html#ss3.7

http://www.gnupg.org/(en)/documentation/faqs.html#q4.17

Alexander


- --
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2188.nptl
Sirendipity 22:04:32 up 5 days, 19:49, load average: 0.49, 0.44, 0.33
                   [ Î?νÏ?θι Ï?'αÏ?Ï?ον - gnothi seauton ]
             my life is a planetarium - and you are the stars
jtwdyp -> /home/jtwdyp/com/dnlo
>

 - - - - - - - - -< s n i p >- - - - - - - - - -

- -- 
|  ~^~	 ~^~
|  <?>	 <?>		 Joe (theWordy) Philbrook
|      ^		      J(tWdy)P
|    \___/		   <<jtwdyp ttlc net>>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAq5IDRZ/61mwhY94RAgN+AKCPJp1xJmhtxuD5JmtAP3gSkr59kwCgvYOY
O0RCsH73Tg3hm0bJtCNQm5k=
=Vx8i
-----END PGP SIGNATURE-----



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]