Additional self-signature
David Shaw
dshaw at jabberwocky.com
Fri May 27 02:01:44 CEST 2005
On Fri, May 27, 2005 at 02:07:27AM +0300, Oskar L. wrote:
> Werner wrote:
> > When importing a secret key into a keyring without a public key, a
> > public key is created from the secret key. Due to historic reasons
> > the self-signature on the secret key is a different one than the one
> > created with the public key. How when importing the public key a new
> > signature will be added and gpg is not able to detects this. This
> > won't harm because the signatures are effectively identically although
> > not bit wise.
>
> So why do I also get a second self-signature when I first import the
> public key and then the secret key? Surely some kind of secret key can't
> be created from the public key?
No, it's the other way around. The public key can be created from the
secret key. What you are seeing with the second self-signature is a
historical oddity. In the past, keys were generated with two
different self-signatures - one on the secret key and one on the
public key. You are just seeing them both. Newer keys are generated
with a single self signature so you only see one.
> Also, when I delete secring.gpg, why is it recreated when I import a
> pubic key?
It's recreated empty as a placeholder.
David
More information about the Gnupg-users
mailing list