I noticed some very strange key creation behaviour (in keys created
with version 0.9.3, but in the ChangeLog of 0.9.5 I didn't find any
entry that looks related to this). Keys created with 0.9.3 can have
extra self-signatures and extra self-signatures on the sub-key, which
can work quite well for many things, but can also cause all kind of
problems (it's just that you notice those problems too late :-( ).
Here's the (now revoked) key as pgpacket output to make clear what I'm
talking about; I suggest that anyone who recently created a key use
pgpacket or "gpg --list-packets" to check if their key suffers from
the same problems.
Note that in the key included below self-signatures for the main key
exist with two different time-stamps:
Date: 15 Mar 1999 21:43:41
Date: 15 Mar 1999 21:43:42
Also subkey signatures exist with two different time-stamps:
Date: 15 Mar 1999 22:03:12
Date: 15 Mar 1999 22:03:13
All these signatures are correct according to "gpg -kvvv".
Also there is a duplicate of one of the subkey signatures in the wrong
place (before the subkey). I have no idea how that happened. This
may have to do with exporting and importing to and from pgpk, but of
course no program should accept broken data if it can't recover from
it (with GPG 0.9.3, I neither can delete that key nor import it into a
fresh .gnupg directory, whereas I could import it into some other
version).
How can one delete specific signatures from a key (similar to "pgp
-krs")? The "help" menu of "gpg --edit-key" doesn't seem to contain
an entry for this.
---------------------------
Packet Type: Public Key Packet
Length: 418
Version Byte: 4
Key Created: 15 Mar 1999 21:43:41
Algorithm: 17 (DSA)
P: 0xB8445DC5518710579E7C18703FAD4ED528E3531D23714E6E155467EB2498C07E07F78349D3BF8030450FDF9DBCA47FA71A838CA41F0E39FD6449CCD40830426750B12C7088C7967B7C157E040082C5C997EC3C28B42409898D60613A287867B72D50B1A2403E2824B6F749DE7BB049C7F980C1FB05EAF4CBBE4A72C20D90852F
Q: 0xA041AE0235F48A922FC7EB991B8FADB884692D5D
G: 0x421C5111E46A55D1CBBDF7D0C274DCA996902D1ED95D145E13EBCBF22A81B6FEC9D5C2552C0AEE6D283B3E5DA7C77FA3C430897F541DD935F35D0F5B1DFA329C555C6D8C146A1524517E8C24962851D40D4583773FA63687BBDBE374A53C45CB5C812F9FC94AD245A62572E34DF32244D4E8C2A87D01357873568E80865AEC24
Y: 0x0CF62DCE05AD5FF68C8CFA424DFDCE8EDF33ACF1AF8714BA415EBD1F9D367258134198303306002622FAB0B6454B64B33E8F5FDDC089B0870066914FDB2D124540A7973BA6F71B859E7A886ACDE797C874B71C0E2DB9D45EED908CD5FBA9029BD66A4F61C2C9252558D98D95D6C693572FEACD2C596B5F01E0C87BFD31135061
Key ID: 0x
---------------------------
Packet Type: User ID Packet
Length: 31
User ID: "Bodo Moeller <bmoeller@acm.org>"
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 85
Version: 4
Positive ID Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 21 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 21:43:41
Subpacket: preferred symmetric algorithms, 3 bytes
Symmetric Algorithm: 10 ()
Symmetric Algorithm: 3 (CAST5)
Subpacket: preferred hash algorithms, 3 bytes
Hash Algorithm: 3 (RIPE-MD/160)
Hash Algorithm: 2 (SHA-1)
Subpacket: preferred compression algorithms, 3 bytes
Compression Algorithm: 2 (ZLIB)
Compression Algorithm: 1 (ZIP)
Subpacket: key server preferences, 2 bytes
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0xEEAF
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Generic Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 17 Mar 1999 12:05:53
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x1CC19CA3CDD6B451
Check bytes: 0x1FC2
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 149
Version: 3
Adding 5 bytes of header to digest
Generic Key certification
Signature Created: 24 Mar 1999 21:40:08
Signing Key ID: 0xAA589DAC5A6A9B85
Public Key Algorithm: 1 (RSA)
Message Digest Algorithm: 1 (MD5)
Check bytes: 0xA3BA
128 bytes of data (1)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 85
Version: 4
Positive ID Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 21 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 21:43:42
Subpacket: preferred symmetric algorithms, 3 bytes
Symmetric Algorithm: 10 ()
Symmetric Algorithm: 3 (CAST5)
Subpacket: preferred hash algorithms, 3 bytes
Hash Algorithm: 3 (RIPE-MD/160)
Hash Algorithm: 2 (SHA-1)
Subpacket: preferred compression algorithms, 3 bytes
Compression Algorithm: 2 (ZLIB)
Compression Algorithm: 1 (ZIP)
Subpacket: key server preferences, 2 bytes
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0xABC8
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Subkey binding signature
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 22:03:13
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0x6DAA
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Generic Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 24 Mar 1999 22:42:02
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x6616D8A097414BD2
Check bytes: 0xAAB6
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 149
Version: 3
Adding 5 bytes of header to digest
Generic Key certification
Signature Created: 24 Mar 1999 22:37:33
Signing Key ID: 0x76D31366BB8127E5
Public Key Algorithm: 1 (RSA)
Message Digest Algorithm: 1 (MD5)
Check bytes: 0x9FDD
128 bytes of data (1)
---------------------------
Packet Type: Public SubKey Packet
Length: 269
Version Byte: 4
Key Created: 15 Mar 1999 22:03:12
Algorithm: 16 (Elgamal (Encrypt only))
P: 0xA710490F6405048A39E9CB2EA1B0702358698F59519C22231D37E932248FB573FA56CCD9C2998EDC3941D6523AAC6AC0DD9B15646AC881E42045D37DA4ABE57368E08FE69A7B7080945996F31E5ABA7790362C8F48AD7E6B85362CDDF69C7F6AC6CBB49326A1599DBFD7FEAC168F67B027F48061307F3436F37768A86696798B
G: 0x06
Y: 0x8467FABC93C841FC26A38B3D5D8E3DCBE4BC3AB8F381A2E06D64D4E019870FB98CC5F7EB06E1D2958D689FA999269AF64E322F93FCF43BC6F33E9D06C7723804B9DEE7A5B89F52A9CE0182CFC0A7DFA3A9FC8AB4449A536FC3D6F86A3DEED4648231414C17D7976E85A6DB8A05E3CF10313DC792766D032F0533B4D888F2E430
Key ID: 0x
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Subkey binding signature
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 22:03:12
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0x7641
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Subkey binding signature
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 22:03:13
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0x6DAA
20 bytes of data (1)
20 bytes of data (2)
with version 0.9.3, but in the ChangeLog of 0.9.5 I didn't find any
entry that looks related to this). Keys created with 0.9.3 can have
extra self-signatures and extra self-signatures on the sub-key, which
can work quite well for many things, but can also cause all kind of
problems (it's just that you notice those problems too late :-( ).
Here's the (now revoked) key as pgpacket output to make clear what I'm
talking about; I suggest that anyone who recently created a key use
pgpacket or "gpg --list-packets" to check if their key suffers from
the same problems.
Note that in the key included below self-signatures for the main key
exist with two different time-stamps:
Date: 15 Mar 1999 21:43:41
Date: 15 Mar 1999 21:43:42
Also subkey signatures exist with two different time-stamps:
Date: 15 Mar 1999 22:03:12
Date: 15 Mar 1999 22:03:13
All these signatures are correct according to "gpg -kvvv".
Also there is a duplicate of one of the subkey signatures in the wrong
place (before the subkey). I have no idea how that happened. This
may have to do with exporting and importing to and from pgpk, but of
course no program should accept broken data if it can't recover from
it (with GPG 0.9.3, I neither can delete that key nor import it into a
fresh .gnupg directory, whereas I could import it into some other
version).
How can one delete specific signatures from a key (similar to "pgp
-krs")? The "help" menu of "gpg --edit-key" doesn't seem to contain
an entry for this.
---------------------------
Packet Type: Public Key Packet
Length: 418
Version Byte: 4
Key Created: 15 Mar 1999 21:43:41
Algorithm: 17 (DSA)
P: 0xB8445DC5518710579E7C18703FAD4ED528E3531D23714E6E155467EB2498C07E07F78349D3BF8030450FDF9DBCA47FA71A838CA41F0E39FD6449CCD40830426750B12C7088C7967B7C157E040082C5C997EC3C28B42409898D60613A287867B72D50B1A2403E2824B6F749DE7BB049C7F980C1FB05EAF4CBBE4A72C20D90852F
Q: 0xA041AE0235F48A922FC7EB991B8FADB884692D5D
G: 0x421C5111E46A55D1CBBDF7D0C274DCA996902D1ED95D145E13EBCBF22A81B6FEC9D5C2552C0AEE6D283B3E5DA7C77FA3C430897F541DD935F35D0F5B1DFA329C555C6D8C146A1524517E8C24962851D40D4583773FA63687BBDBE374A53C45CB5C812F9FC94AD245A62572E34DF32244D4E8C2A87D01357873568E80865AEC24
Y: 0x0CF62DCE05AD5FF68C8CFA424DFDCE8EDF33ACF1AF8714BA415EBD1F9D367258134198303306002622FAB0B6454B64B33E8F5FDDC089B0870066914FDB2D124540A7973BA6F71B859E7A886ACDE797C874B71C0E2DB9D45EED908CD5FBA9029BD66A4F61C2C9252558D98D95D6C693572FEACD2C596B5F01E0C87BFD31135061
Key ID: 0x
---------------------------
Packet Type: User ID Packet
Length: 31
User ID: "Bodo Moeller <bmoeller@acm.org>"
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 85
Version: 4
Positive ID Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 21 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 21:43:41
Subpacket: preferred symmetric algorithms, 3 bytes
Symmetric Algorithm: 10 ()
Symmetric Algorithm: 3 (CAST5)
Subpacket: preferred hash algorithms, 3 bytes
Hash Algorithm: 3 (RIPE-MD/160)
Hash Algorithm: 2 (SHA-1)
Subpacket: preferred compression algorithms, 3 bytes
Compression Algorithm: 2 (ZLIB)
Compression Algorithm: 1 (ZIP)
Subpacket: key server preferences, 2 bytes
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0xEEAF
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Generic Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 17 Mar 1999 12:05:53
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x1CC19CA3CDD6B451
Check bytes: 0x1FC2
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 149
Version: 3
Adding 5 bytes of header to digest
Generic Key certification
Signature Created: 24 Mar 1999 21:40:08
Signing Key ID: 0xAA589DAC5A6A9B85
Public Key Algorithm: 1 (RSA)
Message Digest Algorithm: 1 (MD5)
Check bytes: 0xA3BA
128 bytes of data (1)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 85
Version: 4
Positive ID Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 21 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 21:43:42
Subpacket: preferred symmetric algorithms, 3 bytes
Symmetric Algorithm: 10 ()
Symmetric Algorithm: 3 (CAST5)
Subpacket: preferred hash algorithms, 3 bytes
Hash Algorithm: 3 (RIPE-MD/160)
Hash Algorithm: 2 (SHA-1)
Subpacket: preferred compression algorithms, 3 bytes
Compression Algorithm: 2 (ZLIB)
Compression Algorithm: 1 (ZIP)
Subpacket: key server preferences, 2 bytes
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0xABC8
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Subkey binding signature
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 22:03:13
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0x6DAA
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Generic Key certification
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 24 Mar 1999 22:42:02
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x6616D8A097414BD2
Check bytes: 0xAAB6
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 149
Version: 3
Adding 5 bytes of header to digest
Generic Key certification
Signature Created: 24 Mar 1999 22:37:33
Signing Key ID: 0x76D31366BB8127E5
Public Key Algorithm: 1 (RSA)
Message Digest Algorithm: 1 (MD5)
Check bytes: 0x9FDD
128 bytes of data (1)
---------------------------
Packet Type: Public SubKey Packet
Length: 269
Version Byte: 4
Key Created: 15 Mar 1999 22:03:12
Algorithm: 16 (Elgamal (Encrypt only))
P: 0xA710490F6405048A39E9CB2EA1B0702358698F59519C22231D37E932248FB573FA56CCD9C2998EDC3941D6523AAC6AC0DD9B15646AC881E42045D37DA4ABE57368E08FE69A7B7080945996F31E5ABA7790362C8F48AD7E6B85362CDDF69C7F6AC6CBB49326A1599DBFD7FEAC168F67B027F48061307F3436F37768A86696798B
G: 0x06
Y: 0x8467FABC93C841FC26A38B3D5D8E3DCBE4BC3AB8F381A2E06D64D4E019870FB98CC5F7EB06E1D2958D689FA999269AF64E322F93FCF43BC6F33E9D06C7723804B9DEE7A5B89F52A9CE0182CFC0A7DFA3A9FC8AB4449A536FC3D6F86A3DEED4648231414C17D7976E85A6DB8A05E3CF10313DC792766D032F0533B4D888F2E430
Key ID: 0x
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Subkey binding signature
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 22:03:12
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0x7641
20 bytes of data (1)
20 bytes of data (2)
---------------------------
Packet Type: Secret-Key Encrypted Packet (signature)
Length: 70
Version: 4
Subkey binding signature
Public Key Algorithm: 17 (DSA)
Message Digest Algorithm: 2 (SHA-1)
Hashed subpackets: 6 bytes.
Subpacket: signature creation time, 5 bytes
Date: 15 Mar 1999 22:03:13
Unhashed subpackets: 10 bytes.
Subpacket: issuer key ID, 9 bytes
ID: 0x0A5C1E1D70B2B0B3
Check bytes: 0x6DAA
20 bytes of data (1)
20 bytes of data (2)