another note to the keysigning debacle

Posted by Nico Golde in
Wednesday, August 5. 2009

As some pointed out one can make the resigning a lot easier in case you also used digest 2 signatures. Still it's quite a lot of work to remove the digest 2 sigs you already imported. If you are sending your keys to keyservers on a regular basis but not since debconf, it might make sense to remove your pubkey completely, import it back again, do something like:
for i in $(gpg --list-sigs $DEBSIGN_KEYID| grep '^sig' |sed -r -e 's/sig [0-3]* .*([A-F0-9]{8}) .*/\1/'); do gpg --recv-key $i; done

and then work on reimporting proper signatures. At least that's what I am doing now.
This way of course I lose all other keys that I imported in the past but imho that's worth the hassle of delsig in comparison.
HTH
Comments (0) - Trackbacks (0)
Defined tags for this entry: , , ,
Related entries by tags:
(Page 1 of 1, totaling 1 entries)

Calendar

Back August '09 Forward
Mon Tue Wed Thu Fri Sat Sun
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31            

Quicksearch

Support



=>my website

Recent Entries

E-Plus GSM privacy/TMSI allocation leak
Thursday, October 11 2012
Exploiting the Ubiquisys/SFR femtocell webserver (wsal/shttpd/mongoose/yassl embedded webserver)
Wednesday, August 3 2011
So what happened recently...
Wednesday, April 6 2011
Sunday, February 6 2011
exim remote vulnerability
Thursday, December 9 2010
Will my Phone Show An Unencrypted Connection?
Wednesday, September 8 2010
smpCTF 2010 quals writeups
Sunday, August 8 2010
protocol design fail: MMS notification
Wednesday, July 28 2010
acrobat reader stealing my passwords
Tuesday, June 29 2010
UnrealIRCd backdoored
Saturday, June 12 2010

Archives

Syndicate This Blog

Categories



All categories

Tag cloud