On 22/05/2015 5:37 am, Werner Koch wrote: > > These are all encryption subkeys. The third key is the one from > H. Peter Anvin. I have not found one of the fingerprints given in the > said blog posting: gpg removed it while importing the key. It is a bit > disturbing that the other subkey listed above has a good key binding > signature. > > I got distracted for some time and a few weeks later the PGP team at > Symantec reported back that these are all duplicated subkeys where the > other subkey had no small factors. Their thesis is that this happened > due to memory corruption while merging a key. They planned to > investigate that further using the PGP SDK but, like me, the case was > more or less forgotton.
Is it possible that a keyserver running the old, buggy PKS code (v. 0.9.something) mangled these keys? Regards, Ben
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
