[Pkg-rust-maintainers] Bug#1076358: gpgv-sq: fails to verify some good signatures with reason "Bad public key"
Paride Legovini
paride at debian.org
Tue Jul 30 11:55:51 BST 2024
Well, in my case using `gpgv-sq -vv` clarified:
gpgv: Signature made Tue Jul 30 07:09:17 2024 +09:00
gpgv: using RSA key 0AB215679C571D1C8325275B9BDB3D89CE49EC21
gpgv: Can't check signature: Bad public key
Signing key on 0AB215679C571D1C8325275B9BDB3D89CE49EC21 is not bound:
gpgv: error: No binding signature at time 2024-07-29T22:09:17Z
gpgv: because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance
gpgv: because: SHA1 is not considered secure since 2023-02-01T00:00:00Z
so the signature rejected because of the default policy.
--
Paride
More information about the Pkg-rust-maintainers
mailing list