sig!3 entry vs sig! entry on certain GnuPG keys from the PuTTY software site
The web site for the PuTTY software provides GnuPG keys to verify downloads of the PuTTY software. see http://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html With these keys imported into the GnuPG public keyring, issuing gpg --check-sigs produced the following output (the user name has been redacted): C:/Documents and Settings/[redacted]/Application Data/gnupg\pubring.gpg - pub 1024R/1E34AC41 2000-12-20 uid PuTTY Master Key (RSA) [EMAIL PROTECTED] sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) [EMAIL PROTECTED] rus.org sig! B41CAE29 2000-12-20 PuTTY Releases (RSA) [EMAIL PROTECTED] s.org sig! 32B903A9 2000-12-20 PuTTY Development Snapshots (RSA) putty-bugs@ lists.tartarus.org pub 1024R/B41CAE29 2000-12-20 uid PuTTY Releases (RSA) [EMAIL PROTECTED] sig! B41CAE29 2000-12-20 PuTTY Releases (RSA) [EMAIL PROTECTED] s.org sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) [EMAIL PROTECTED] rus.org pub 1024R/32B903A9 2000-12-20 uid PuTTY Development Snapshots (RSA) [EMAIL PROTECTED] s.org sig! 32B903A9 2000-12-20 PuTTY Development Snapshots (RSA) putty-bugs@ lists.tartarus.org sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) [EMAIL PROTECTED] rus.org pub 1024D/6A93B34E 2000-12-20 uid PuTTY Master Key (DSA) [EMAIL PROTECTED] sig!36A93B34E 2000-12-20 PuTTY Master Key (DSA) [EMAIL PROTECTED] rus.org sig! 08B0A90B 2000-12-20 PuTTY Releases (DSA) [EMAIL PROTECTED] s.org sig! 7D3E4A00 2000-12-20 PuTTY Development Snapshots (DSA) putty-bugs@ lists.tartarus.org pub 1024D/08B0A90B 2000-12-20 uid PuTTY Releases (DSA) [EMAIL PROTECTED] sig!308B0A90B 2000-12-20 PuTTY Releases (DSA) [EMAIL PROTECTED] s.org sig! 6A93B34E 2000-12-20 PuTTY Master Key (DSA) [EMAIL PROTECTED] rus.org pub 1024D/7D3E4A00 2000-12-20 uid PuTTY Development Snapshots (DSA) [EMAIL PROTECTED] s.org sig!37D3E4A00 2000-12-20 PuTTY Development Snapshots (DSA) putty-bugs@ lists.tartarus.org sig! 6A93B34E 2000-12-20 PuTTY Master Key (DSA) [EMAIL PROTECTED] rus.org 4 signatures not checked due to missing keys For the self-signatures on the DSA-type keys (and only the DSA-type keys) there is a sig!3 entry instead of a sig! entry. The other signatures on the DSA-type keys just have a sig! entry. It has been said elsewhere that the 3 in the sig!3 entry indicates a certificate check level of 3. However, the 3 does not appear on the self-signature entries for the RSA-type keys. Is this to do with the key types (the DSA type and the RSA type), the way that the keys were created and/or signed, or some other reason? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: sig!3 entry vs sig! entry on certain GnuPG keys from the PuTTY software site
[EMAIL PROTECTED] wrote: The web site for the PuTTY software provides GnuPG keys to verify downloads of the PuTTY software. see http://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html With these keys imported into the GnuPG public keyring, issuing gpg --check-sigs produced the following output (the user name has been redacted): snip For the self-signatures on the DSA-type keys (and only the DSA-type keys) there is a sig!3 entry instead of a sig! entry. The other signatures on the DSA-type keys just have a sig! entry. It has been said elsewhere that the 3 in the sig!3 entry indicates a certificate check level of 3. However, the 3 does not appear on the self-signature entries for the RSA-type keys. Is this to do with the key types (the DSA type and the RSA type), the way that the keys were created and/or signed, or some other reason? It's to do with the way the keys were signed at the time they were generated. There is a default certification level option that can be used either on the command line or in a config file - normally GnuPG will ask you for the certification level when you sign a key, but the default /can/ be used if the right options are set, and /will/ be used at the time of key generation. -- Alphax Death to all fanatics! Down with categorical imperative! OpenPGP key: http://tinyurl.com/lvq4g signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: sig!3 entry vs sig! entry on certain GnuPG keys from the PuTTY software site
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alphax wrote: There is a default certification level option that can be used either on the command line or in a config file - normally GnuPG will ask you for the certification level when you sign a key, but the default /can/ be used if the right options are set, and /will/ be used at the time of key generation. I believe you will not normally be asked for a cert-level, at least not with most recent versions of gpg (I forget when that changed exactly). You must set ask-cert-level in your config or on the command line to be prompted. - -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp == What it means to take rights seriously is that one will honor them even when there is a significant social cost in doing so. -- Ronald Dworkin -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iQFDBAEBAgAtBQJE7v24JhhodHRwOi8vd3d3LnBvYm94LmNvbS9+dG16L3BncC90 bXouYXNjAAoJEEMlk4u+rwzjBxAH/3g+/Whk3cubupcbQPQ0uIa/NjwxZOH20ABZ ZWyTR1++ZHJgNxyUcqN+MkeiVCtS3uieqEFfDV40v53aZE2flAr/gDZWcwG5Xlek qWJOn9EnOzjsoHLVbWekBGA88IAx4X6yyBd5qvoEwYynkW/tIInNQqmtg1/HNYmI IjJjtGrWSATEdJ5o4Ojmqmwz0R4vhpVVSfXXReQ42Fb03VXBgy6/soNjZzsUrza2 IrjTyW23+W0vfKbgEZTjrqG+Kdz5BXHfPlG4TRqwdGlRCJUT5Twzhv1NiXW1m3Q3 spnI8bm6SDWBXcLD51yFZ8bDkAObffpQ86XyrDWnz3YcYK48k4A= =jwpd -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
