From gnupg-devel Thu May 02 07:21:01 2024 From: Ingo =?ISO-8859-1?Q?Kl=F6cker?= Date: Thu, 02 May 2024 07:21:01 +0000 To: gnupg-devel Subject: Re: GPGME: What does =?UTF-8?B?4oCYMOKAmSAoemVybykg4oCYc2lnbmF0dXJlLnN1bW1hcnnigJk=?= value mean? Message-Id: <4567689.LvFx2qVVIh () daneel> X-MARC-Message: https://marc.info/?l=gnupg-devel&m=171463431914718 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--===============3253032014313995824==" --===============3253032014313995824== Content-Type: multipart/signed; boundary="nextPart2327700.ElGaqSPkdT"; micalg="pgp-sha512"; protocol="application/pgp-signature" --nextPart2327700.ElGaqSPkdT Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Ingo =?ISO-8859-1?Q?Kl=F6cker?= To: gnupg-devel@gnupg.org Reply-To: gnupg-devel@gnupg.org Date: Thu, 02 May 2024 09:21:01 +0200 Message-ID: <4567689.LvFx2qVVIh@daneel> In-Reply-To: <8734rk68s3.fsf@benfinney.id.au> MIME-Version: 1.0 On Mittwoch, 17. April 2024 04:08:12 CEST Ben Finney wrote: > Ingo Kl=C3=B6cker writes: > > It would be helpful if you also gave us the public key. >=20 > Oh, I had expected a GnuPG client would fetch the key? It's part of the > signed message metadata, so it should be automatically fetched from the > key servers, I'd expect. Only if auto=E2=80=90key=E2=80=90retrieve is enabled. > Regardless, here is the URL to download that public key: >=20 > https://keys.openpgp.org/search?q=3D517C+F14B+B2F3+98B0+CB35++4855+B8B2+4= C06+ > AC12+8405> $ curl https://keys.openpgp.org/vks/v1/by-fingerprint/ 517CF14BB2F398B0CB354855B8B24C06AC128405 | gpg --import gpg: key B8B24C06AC128405: no user ID gpg: Total number processed: 1 gpg doesn't import keys without user ID. I found the key on another keyserv= er,=20 but when I try to verify the test message Kleopatra tells me: Signature created on Montag, 15. April 2024 01:32:13 CEST With unavailable certificate: ID: 0x6159E0F29E2FA412E0795C73F9B46AAC84420C82 You can search the certificate on a keyserver or import it from a file. I guess the required subkey is missing on the certificate I could import.=20 Searching the certificate 0x6159E0F29E2FA412E0795C73F9B46AAC84420C82 didn't= =20 yield any results. > $ gpg --status-fd 2 foo.txt.asc [...] > [GNUPG:] TRUST_UNDEFINED 0 pgp > gpg: WARNING: This key is not certified with a trusted signature! I think this is the important bit. If you look at the code snippet that Wer= ner=20 pasted then you'll see why `sum` isn't changed in this snippet. So, in this= =20 case 0 means good signature by an uncertified key. It's up to you to decide= =20 what to make of this. Regards, Ingo --nextPart2327700.ElGaqSPkdT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQTbjgIOMowwlCBgvyGxb1mVFkdKugUCZjM+3QAKCRCxb1mVFkdK upRAAQCq68hi55WVKT1jX8tXe6nAPbpYDhYHLLUxGCa5qUS2eAEAzf5cR9wdZauI RpPhD2F2G35a8a1GJaiTW6GCl+4r1g8= =xBOi -----END PGP SIGNATURE----- --nextPart2327700.ElGaqSPkdT-- --===============3253032014313995824== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Gnupg-devel mailing list Gnupg-devel@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-devel --===============3253032014313995824==--