Learn more about these different git repos.
Other Git URLs
From https://gitlab.com/sequoia-pgp/sequoia/-/issues/595#note_433392680:
✦ ❯ ./target/debug/sq inspect ./fedora.gpg ./fedora.gpg: OpenPGP Keyring. OpenPGP Certificate. Fingerprint: 963A 2BEB 0200 9608 FE67 EA42 49FD 7749 9570 FF31 Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2020-01-28 10:03:39 UTC UserID: Fedora (33) <fedora-33-primary@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z OpenPGP Certificate. Fingerprint: 97A1 AE57 C3A2 372C CA3A 4ABA 6C13 026D 12C9 44D0 Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2019-08-12 12:08:11 UTC UserID: Fedora (32) <fedora-32-primary@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z OpenPGP Certificate. Fingerprint: 7D22 D586 7F2A 4236 474B F7B8 50CB 390B 3C33 59C4 Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2019-02-18 16:27:47 UTC UserID: Fedora (31) <fedora-31-primary@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z OpenPGP Certificate. Fingerprint: C2A3 FA9D C67F 68B9 8BB5 43F4 7BB9 0722 DBBD CF7C Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2018-11-13 18:05:12 UTC UserID: Fedora (iot 2019) <fedora-iot-2019@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z OpenPGP Certificate. Fingerprint: 94E2 79EB 8D8F 25B2 1810 ADF1 21EA 45AB 2F86 D6A1 Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2019-06-05 14:17:31 UTC UserID: Fedora EPEL (8) <epel@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z OpenPGP Certificate. Fingerprint: 91E9 7D7C 4A5E 96F1 7F3E 888F 6A2F AEA2 352C 64E5 Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2013-12-16 02:42:12 UTC UserID: Fedora EPEL (7) <epel@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z OpenPGP Certificate. Fingerprint: 8C3B E96A F230 9184 DA5C 0DAE 3B49 DF2A 0608 B895 Invalid: No binding signature at time 2020-10-21T09:16:00Z Public-key algo: RSA (Encrypt or Sign) Public-key size: 4096 bits Creation time: 2010-04-23 23:12:02 UTC UserID: EPEL (6) <epel@fedoraproject.org> Invalid: Policy rejected non-revocation signature (PositiveCertification) because: SHA1 is not considered secure since 2013-01-01T00:00:00Z
So, I guess we are using sha1 in signatures? In any case we should track this down and fix it. May well need changes in sigul.
Metadata Update from @mohanboddu: - Issue tagged with: dev, high-gain, medium-trouble, ops
This should be done for new keys (sadly changing old ones will be a pain).
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.