Control: tags -1 +moreinfo +unreproducible On Fri, Mar 13, 2015 at 10:26:25AM +0100, Dimitri Dhuyvetter wrote: > Package: monkeysign > > When I scan a QR code I made outside of Monkeysig, which contains the > string "openpgp4fpr:6FC84DA08920932D34DDCBCD188E3F108C693450" Monkeysign > shows me this message: > > Signing the following key > > > > pub [unknown] 4096R/D4E5573D 1412669072 [expiry: 1475741072] > > Fingerprint = 7699 3358 A023 D4C7 460E CD23 E690 607D D4E5 573D > > uid 1 [unknown] Dimitri Dhuyvetter <dimi...@dhuyvetter.eu> > > uid 2 [unknown] Dimitri Dhuyvetter <dimi...@humanized.be> > > uid 3 [unknown] Dimitri Dhuyvetter <webmas...@dhuyvetter.eu> > > sub 4096R/D4E5573D 1412669072 [expiry: 1475741072] > > > > > > Sign all identities? [y/N] > > This should be > > sec 4096R/0x188E3F108C693450 2014-10-07 [expires: 2016-10-06] > > Key fingerprint = 6FC8 4DA0 8920 932D 34DD CBCD 188E 3F10 8C69 3450 > > uid Dimitri Dhuyvetter <dimi...@dhuyvetter.eu> > > uid Dimitri Dhuyvetter <dimi...@dhuyvetter.eu> > > uid Dimitri Dhuyvetter <dimi...@humanized.be> > > uid Dimitri Dhuyvetter <webmas...@dhuyvetter.eu> > > ssb 4096R/0xE690607DD4E5573D 2014-10-07 > > Or short ID 0x8C693450
That is really strange. I cannot reproduce this here, obviously:
$ monkeysign --local 6FC84DA08920932D34DDCBCD188E3F108C693450
Préparation à la signature de cette clé:
pub [unknown] 4096R/7B75921E 1243621534 [expiry: 1496357973]
Fingerprint = 8DC9 01CE 6414 6C04 8AD5 0FBB 7921 5252 7B75 921E
uid 1 [unknown] Antoine Beaupré (home address) <anar...@anarcat.ath.cx>
uid 2 [unknown] Antoine Beaupré (work) <anar...@koumbit.org>
sub 2048R/EE02855A 1342743455
sub 4096R/9C5A5581 1243622183
La clé suivante sera certifiée
pub [unknown] 4096R/8C693450 1412669072 [expiry: 1475741072]
Fingerprint = 6FC8 4DA0 8920 932D 34DD CBCD 188E 3F10 8C69 3450
uid 1 [unknown] Dimitri Dhuyvetter <dimi...@dhuyvetter.net>
uid 2 [unknown] Dimitri Dhuyvetter <dimi...@humanized.be>
uid 3 [unknown] Dimitri Dhuyvetter <dimi...@dhuyvetter.eu>
uid 4 [unknown] Dimitri Dhuyvetter <webmas...@dhuyvetter.eu>
uid 5 [unknown] Dimitri Dhuyvetter <webmas...@dhuyvetter.net>
sub 4096R/D4E5573D 1412669072 [expiry: 1475741072]
What is interesting is that if I try the other fingerprint that you
originally found, I get this:
$ monkeysign --local 7699 3358 A023 D4C7 460E CD23 E690 607D D4E5 573D
Préparation à la signature de cette clé:
pub [unknown] 4096R/7B75921E 1243621534 [expiry: 1496357973]
Fingerprint = 8DC9 01CE 6414 6C04 8AD5 0FBB 7921 5252 7B75 921E
uid 1 [unknown] Antoine Beaupré (home address) <anar...@anarcat.ath.cx>
uid 2 [unknown] Antoine Beaupré (work) <anar...@koumbit.org>
sub 2048R/EE02855A 1342743455
sub 4096R/9C5A5581 1243622183
La clé suivante sera certifiée
pub [unknown] 4096R/8C693450 1412669072 [expiry: 1475741072]
Fingerprint = 6FC8 4DA0 8920 932D 34DD CBCD 188E 3F10 8C69 3450
uid 1 [unknown] Dimitri Dhuyvetter <dimi...@dhuyvetter.net>
uid 2 [unknown] Dimitri Dhuyvetter <dimi...@humanized.be>
uid 3 [unknown] Dimitri Dhuyvetter <dimi...@dhuyvetter.eu>
uid 4 [unknown] Dimitri Dhuyvetter <webmas...@dhuyvetter.eu>
uid 5 [unknown] Dimitri Dhuyvetter <webmas...@dhuyvetter.net>
sub 4096R/D4E5573D 1412669072 [expiry: 1475741072]
ie. it signs the same key! When I import your key from the keyservers, I
find can export your key using that other fingerprint:
$ gpg --export -a '76993358A023D4C7460ECD23E690607DD4E5573D' | gpg
pub 4096R/188E3F108C693450 2014-10-07 Dimitri Dhuyvetter <dimi...@humanized.be>
uid Dimitri Dhuyvetter <dimi...@dhuyvetter.eu>
uid Dimitri Dhuyvetter <dimi...@dhuyvetter.net>
uid Dimitri Dhuyvetter <webmas...@dhuyvetter.eu>
uid Dimitri Dhuyvetter <webmas...@dhuyvetter.net>
sub 4096R/E690607DD4E5573D 2014-10-07 [expire : 2016-10-06]
I cannot find key 76993358A023D4C7460ECD23E690607DD4E5573D anywhere on
the keyservers.
> I've attached the QR in question, so you can test it out yourself.
I do not see the qrcode in attachment, nor in the URL you mentionned in
that other post, could you send it again?
> I'm not sure which version of Monkeysign or Monkeyscan I have, I
> installed it today from Ubuntu repos.
> I am running Ubuntu 14.03 LTS
You are likely running 1.1, according to this:
http://packages.ubuntu.com/monkeysign
You may want to try a newer version.
A.
--
One has a moral responsibility to disobey unjust laws.
- Martin Luther King, Jr.
signature.asc
Description: Digital signature
