Mailing List Archive: Re: Odd key

Re: Odd key

Feb 9, 2000, 6:46 AM

Post #1 of 3 (480 views)

On Tue, Feb 08, 2000 at 10:58:30PM -0500, L. Sassaman wrote:
>
> Hi folks!
>
> For some reason, 0x6FFC5075 will not import to my keyring. (It is on all
> the public servers... it is an RSA key, self-signed.
>
> rabbi@thetis:/usr/home/rabbi$ gpg --recv-keys 0x6FFC5075
> gpg: requesting key 6FFC5075 from horowitz.surfnet.nl ...
> gpg: public key is 7999 seconds newer than the signature
> gpg: key 6FFC5075: invalid self-signature
> gpg: key 6FFC5075: no valid user IDs
> gpg: this may be caused by a missing self-signature
> gpg: Total number processed: 1
> gpg: w/o user IDs: 1
> rabbi@thetis:/usr/home/rabbi$

:public key packet:
version 3, algo 1, created 901704480, expires 0
[...]
:signature packet: algo 1, keyid FC56E2116FFC5075
version 3, created 901696481, md5len 5, sigclass 10

signature public key
--------- ----------
901696481 < 901704480
Wed Jul 29 09:14:41 1998 < Wed Jul 29 11:28:00 1998

The signature's timestamp is earlier than the public key's timestamp, which
is a bit odd. But since timestamps can't be trusted anyway, maybe GPG should
just print a warning ?

Re: Odd key [ In reply to ]

wk at gnupg

Feb 9, 2000, 7:38 AM

Post #2 of 3 (469 views)

Permalink

On Wed, 9 Feb 2000, Remi Guyomarch wrote:

> Wed Jul 29 09:14:41 1998 < Wed Jul 29 11:28:00 1998
>
> The signature's timestamp is earlier than the public key's timestamp, which
> is a bit odd. But since timestamps can't be trusted anyway, maybe GPG should
> just print a warning ?

You can trust that the person how did the signature or created the key
used this timestamp. But sure, it is trivial to chnage the system
clock.

The CVS version STABLE-BRANCH-1-0 has now the option
--ignore-time-conflict. I have not tested it yet, please tell me if
it works.

Werner

Re: Odd key [ In reply to ]

rguyom at mail

Feb 10, 2000, 9:13 AM

Post #3 of 3 (473 views)

Permalink

On Fri, Feb 11, 2000 at 11:53:20AM -0500, L. Sassaman wrote:
>
> What exactly did you do to get this to display?
>
> On Wed, 9 Feb 2000, Remi Guyomarch wrote:
>
> > :public key packet:
> > version 3, algo 1, created 901704480, expires 0
> > [...]
> > :signature packet: algo 1, keyid FC56E2116FFC5075
> > version 3, created 901696481, md5len 5, sigclass 10

I copied the key into a file and did "gpg --list-packets the-file"

> > signature public key
> > --------- ----------
> > 901696481 < 901704480
> > Wed Jul 29 09:14:41 1998 < Wed Jul 29 11:28:00 1998

I wrote a few C lines to parse Unix timestamps. It's quite usefull for
reading squid logs for example. Here it is :

#include <stdio.h>
#include <time.h>

int main( void ) {
time_t t;
char buffer[1024], *s;

while( !feof(stdin) ) {
if( scanf( "%lu", &t ) != 1)
break;
if( fgets( buffer, sizeof(buffer), stdin ) == NULL )
break;
s = ctime( &t );
s[strlen(s)-1] = 0;
printf( "%s %s", s, buffer );
}
return 0;
}