Bug#797714: Always "Ignoring fingerprint" with ksp file input

Eduard Bloch Tue, 01 Sep 2015 13:18:45 -0700

Package: signing-party
Version: 2.1-1
Severity: normal
File: /usr/bin/caff

$ caff --debug < ksp-dc15.txt.mine
[NOTICE] Reading gpgparticipants formatted input on STDIN
[NOTICE] Found SHA256 checksum (marked as verified, assumed good)
[INFO] Ignoring fingerprint 7C3AB9CFD230BD30DD009C591E7091B1F14A64A2
[INFO] Ignoring fingerprint DCCBC0E08C2ECA5A1C5E6062357FE44091183685
[INFO] Ignoring fingerprint 7CB413B528AFDF0D5E062E482E38FD70580E02C0
...


Basically all keys are ignored. Why? No idea, I added an X to the file,
assuming that this should be enough. Manpage doesn't provide much more
information for this kind of usage. Sample attached.


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0+ (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)

Versions of packages signing-party depends on:
ii  gnupg                      1.4.19-5
ii  libc6                      2.19-19
ii  libclass-methodmaker-perl  2.24-1
ii  libgnupg-interface-perl    0.52-2
ii  libmailtools-perl          2.13-1
ii  libmime-tools-perl         5.505-1
ii  libnet-idn-encode-perl     2.202-1
ii  libterm-readkey-perl       2.33-1
ii  libtext-template-perl      1.46-1
ii  perl                       5.20.2-6
ii  python                     2.7.9-1
ii  qprint                     1.1.dfsg.2-2

Versions of packages signing-party recommends:
ii  dialog                                     1.2-20150528-1
ii  exim4-daemon-light [mail-transport-agent]  4.86-3
ii  libgd-perl [libgd-gd2-perl]                2.53-1+b1
ii  libpaper-utils                             1.1.24+nmu4
ii  whiptail                                   0.52.18-1

Versions of packages signing-party suggests:
ii  fonts-droid                1:4.4.4r2-7
ii  imagemagick                8:6.8.9.9-5.1+b1
ii  mutt                       1.5.23-3.1
pn  qrencode                   <none>
ii  texlive-font-utils         2015.20150823-1
ii  texlive-latex-extra        2015.20150823-1
ii  texlive-latex-recommended  2015.20150823-1
pn  texlive-xetex              <none>
pn  wipe                       <none>

-- no debconf information

-- 
Wilkommen bei Slash-Boing-Heise ...
anna_k, anna.katz...@gmx.net (466 Beiträge seit 18.4.00)        
Bewertung dieses Beitrags:      [Beitragsbewertung: 87%]        
        

... dem Internet-Magazin der etwas anderen Art.

In Zukunft werden wir Sie tagesaktuell auch über folgende Themen
informieren:

 -- SuicideGirls --- Schlampen oder Schätzchen?
 -- Hamster im PC: Grillgut oder Superconductor?
 -- Pappraketen und Roboter, die Kinder fressen.
 -- Windows Vista im Wohnzimmer: Welches "Theme" ist das richtige für
mich?
 -- Die Bundescomputerliga: Steigt HP ab? Und: Alles über das
Win/Mac-Pokalspiel.
 --PC-Tuning extrem: "Gleisch hasdu meine Lüfter in die Fresse,
Alder!"
 -- HURD oder JOGHURD - Milchspeisen für Admins.
 -- Welche Unterhose trägt Cory Doctorow heute (und warum?).
 -- Immer nur "Sendmail" nervt auch: Warum nicht einfach mal Mail
empfangen?
 -- Schnurers Frisurentips (Mo-Fr und Sa-So auf c't-TV) (wird  Do-Mo
und Di-Mi wiederholt)
 -- "Mir zwickts am Kernel" (Eine ehrliche Fragestunde mit dem Dr.
Sommer-Team)
 -- RAM gegen RAM - das ulimative Shootout: Wer fliegt weiter? (mit
Steinschleudern)
 -- Deutschlands Geilste Festplatten: Wo Sie am besten fscken können.

Und noch vieles, vieles mehr!

Bookmarken Sie jetzt, um in den vollen Genuss unseres Bookmarks zu
kommen!

                    Anibal Monsalve Salazar <ani...@debian.org>

                      D E B C O N F 1 5    K E Y S I G N I N G

                           List of Participants  (v 1.0)


Here's what you have to do with this file:

1. Print this file to paper.
2. Compute this file's SHA256 checksum: sha256sum ksp-dc15.txt
3. fill in the hash values on the printout.
4. Bring the printout, a pen, and proof of identity to the keysigning.

For each participant:

1. Compare the hash you computed with the other participant.
2. Ask if the other participant's gpg fingerprint on the hardcopy is correct.
3. Verify each other's identity by checking preferably a passport.
4. If you are satisfied with the identification, mark on your hardcopy that
   the other participant's gpg fingerprint is correct and has been identified.


SHA256 Checksum: _________________________________________________________ [x]



#1   Aaron M. Ucko (rank: 119)

      [x] Fingerprint(s) OK        [x] ID OK

pub   rsa4096/F14A64A2 2009-05-22 [expires: 2017-07-21]
      Key fingerprint = 7C3A B9CF D230 BD30 DD00  9C59 1E70 91B1 F14A 64A2
uid       Aaron M. Ucko <a...@alum.mit.edu>
uid       Aaron M. Ucko <u...@debian.org>


#2   Abhishek Bhattacharjee

      [ ] Fingerprint(s) OK        [ ] ID OK

pub   rsa4096/91183685 2015-08-03 [expires: 2017-03-25]
      Key fingerprint = DCCB C0E0 8C2E CA5A 1C5E  6062 357F E440 9118 3685
uid       Abhishek Bhattacharjee <abhishek.bhattacharje...@gmail.com>


#3   Achim D. Brucker

      [x ] Fingerprint(s) OK        [x] ID OK

pub   rsa4096/580E02C0 2014-11-15 [expires: 2017-08-08]
      Key fingerprint = 7CB4 13B5 28AF DF0D 5E06  2E48 2E38 FD70 580E 02C0
uid       Achim D. Brucker <adbruc...@0x5f.org>

Bug#797714: Always "Ignoring fingerprint" with ksp file input

Reply via email to