Trust assignment fails for key with fingerprint ending in multiple zero blocks
To Damon
damon.tu at outlook.com
Fri Jun 27 09:59:00 CEST 2025
Yes, I have two such keys. I will choose to use a different key.
> On 27 Jun 2025, at 15:25, Werner Koch <wk at gnupg.org> wrote:
>
> On Thu, 26 Jun 2025 07:39, To Damon said:
>
>> gpg: Note: ultimately trusted key 0000000000000000 not found
>
> Is a fingerprint ending in these zeros in the exported ownertrust list?
> If so, delete this line. Do you have hany trusted-keys options in your
> gpg.conf with such a fingerprint?
>
> If you run "gpg -K" is there a key with such a fingerprint? Don't use
> such a key. In theory we could test for this during key generation but
> due to a probablity of 1:1^64 it is more than unlikley that you get such
> a key by chance. Changing the fingerprint would be easy; we just need to
> bump up the creation date by a second. However with smartcards it gets
> more complicated to implement that mitigation.
>
>
> Shalom-Salam,
>
> Werner
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
More information about the Gnupg-users
mailing list