Mailing List Archive

Dealing with duplicate keys
Hello,

For some reason (perhaps a bug in a previous version of GnuPG I used
long ago?), my public key ring had come to contain my own public key
twice, with the same fingerprint and all.

Consequently, ‘gpg --list-keys’ would show it twice and ‘gpg
--list-secret-keys’ as well. Even ‘gpg --export-secret-key’ would
export it twice (two secret key packets).

I didn’t notice until I upgraded to Emacs 27.1, where epg bails out if
‘--list-secret-keys’ returns more than one key.

To recover from it, I deleted my public key with ‘--delete-key’ twice,
‘--delete-secret-key’ once for the corresponding secret key, and then
re-imported both the public key and the secret key, which I had
previously exported. Now everything is back to normal.

I’m not sure what could be done in gpg itself, but I thought I’d share
my experience in case that rings a bell or there’s something obvious I
missed.

Cheers,
Ludo’.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Dealing with duplicate keys
On Wed, 21 Oct 2020 23:52, Ludovic Courtès said:

> For some reason (perhaps a bug in a previous version of GnuPG I used
> long ago?), my public key ring had come to contain my own public key
> twice, with the same fingerprint and all.

Should not happen because we use on Unix a copy-to-temp/update/rename
strategy. There are bugs of course and so there is no guarantee that it
does not happen. Eventually this will go away because 2.3 will come
with the optional keyboxd daemon which uses sqlite and keeps a unique
index on the primary key's fingerprint. It will also make things
faster and more robust related to changes when running several gpg
processes. Drawback is that we have yet another format to store keys.

> To recover from it, I deleted my public key with ‘--delete-key’ twice,
> ‘--delete-secret-key’ once for the corresponding secret key, and then
> re-imported both the public key and the secret key, which I had
> previously exported. Now everything is back to normal.

That is a sound fix. I am not aware of other reports but ppl might not
have considered this a bug.

kbxutil --find-dups pubring.kbx

should print a list of duplicate records. Take care: kbxutil is more of
a debugging aid than a real tool.

While you spoke about easypg: I often have problems with it and it would
be nice if we could find a maintainer for it. With Emacs' new FFI, a
move to GPGME might also be an idea.


Shalom-Salam,

Werner


--
Thoughts are free. Exceptions are regulated by a federal law.
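
Added example, not part of the original messages and not GnuPG project code: a check for the duplicate-key condition discussed above that reads gpg's machine-readable listing and reports any primary-key fingerprint that occurs more than once. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list primary-key fingerprints that
# appear more than once in `gpg --with-colons` output read from stdin.

find_dup_primaries() {
    awk -F: '
        # pub/sec opens a primary key; the next fpr record is its fingerprint.
        $1 == "pub" || $1 == "sec" { want = 1; next }
        # sub/ssb opens a subkey; its fpr record must not be counted.
        $1 == "sub" || $1 == "ssb" { want = 0; next }
        # Field 10 of an fpr record holds the fingerprint.
        $1 == "fpr" && want        { count[$10]++; want = 0 }
        END { for (f in count) if (count[f] > 1) print count[f], f }
    ' | sort -k2
}

# Convenience wrapper for a live keyring (hypothetical helper name).
check_public_keyring() {
    gpg --list-keys --with-colons --with-fingerprint | find_dup_primaries
}

# Constructed, abbreviated listing: the first key is present twice.
sample_listing() {
    cat <<'EOF'
pub:u:4096:1:89ABCDEF01234567:1400000000:::u:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1400000000::::Alice Example <alice@example.org>:
sub:u:4096:1:1111111111111111:1400000000::::::e:
fpr:::::::::1111111111111111111111111111111111111111:
pub:u:4096:1:89ABCDEF01234567:1400000000:::u:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1400000000::::Alice Example <alice@example.org>:
sub:u:4096:1:1111111111111111:1400000000::::::e:
fpr:::::::::1111111111111111111111111111111111111111:
pub:-:255:22:76543210FEDCBA98:1500000000:::-:::scESC:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
uid:-::::1500000000::::Bob Example <bob@example.org>:
EOF
}
```

Each output line is a count followed by the fingerprint; empty output from `check_public_keyring` means no primary key is listed twice.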
Re: Dealing with duplicate keys
Hi Werner,

Werner Koch <wk@gnupg.org> wrote:

> On Wed, 21 Oct 2020 23:52, Ludovic Courtès said:
>
>> For some reason (perhaps a bug in a previous version of GnuPG I used
>> long ago?), my public key ring had come to contain my own public key
>> twice, with the same fingerprint and all.
>
> Should not happen because we use on Unix a copy-to-temp/update/rename
> strategy. There are bugs of course and so there is no guarantee that it
> does not happen.

I’ve been carrying this keyring for years, so it could be that there was
once a bug that led to this inconsistency.

> Eventually this will go away because 2.3 will come with the optional
> keyboxd daemon which uses sqlite and keeps a unique index on the
> primary key's fingerprint. It will also make things faster and more
> robust related to changes when running several gpg processes.
> Drawback is that we have yet another format to store keys.

Nice.

>> To recover from it, I deleted my public key with ‘--delete-key’ twice,
>> ‘--delete-secret-key’ once for the corresponding secret key, and then
>> re-imported both the public key and the secret key, which I had
>> previously exported. Now everything is back to normal.
>
> That is a sound fix. I am not aware of other reports but ppl might not
> have considered this a bug.
>
> kbxutil --find-dups pubring.kbx
>
> should print a list of duplicate records. Take care: kbxutil is more of
> a debugging aid than a real tool.

Interesting! Good news: I don’t have other duplicate keys.

> While you spoke about easypg: I often have problems with it and it would
> be nice if we could find a maintainer for it. With Emacs' new FFI, a
> move to GPGME might also be an idea.

Yeah. EPG seems to be actively maintained though; this recent change I
mentioned is what led me to discover this issue.

Thanks for your feedback!

Ludo’.
