Question About Accumulated Bad Signatures in Public Key

Erik Lotspeich erik at lotspeich.org
Fri Jul 24 22:37:21 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

The public key that I use for work has accumulated various "bad
signatures".  To be honest, I don't know how these signatures got there.
 Anyway, I can use GPG to "clean" the public key and remove them.

Public key servers do not seem to scrub or clean public keys.  Is it a
reasonable thing to delete the public key and re-add it?  This doesn't
seem to be something that most public keyservers allow or recommend.  Or
is it normal for bad signatures to accumulate over the years and it is
to be expected.

Note that in my case the bad signatures are redundant since there are
good, valid, signatures in addition to the valid bad ones by those
individuals.

I hope that I've explained this clearly.  I've searched on the Internet
and I haven't seen a definitive answer.

Regards,

Erik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iEYEARECAAYFAkpqG4EACgkQY21D/n6bGwfTWACeOen2Lf9oz+EM9l/gWQKfaF/b
gCQAnjabVPSx0X0aR6Gpe3XtRhjXly3t
=BaAG
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list