Am Tue, 30 Jul 2019 13:28:32 +0200 schrieb "Dr. Thomas Orgis" <thomas.or...@uni-hamburg.de>:
> And even with it present, is it > correct behaviour for gpgsm to consider the chain invalid instead of > just the cross-signature? It _does_ trust the new root cert already … > no need for any further signature. Just now the third colleague (all people working at German universities) contacted me about having even a more persisting variant of this issue, with the old root cert cross-signature being re-imported by gpgsm and thus practically permanently breaking the use of the new certificate. Can we consider this a bug in gpgsm's handling of signatures or is this really working as designed? Regards, Thomas > PS: Just for fun, I'm trying to sign this post now. Maybe it won't even > be broken by the list? The list does break the signature. I'm not adding one now … -- Dr. Thomas Orgis HPC @ Universität Hamburg _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
