On Sat, Jun 30, 2007 at 09:15:17AM -0500, Dennis Gilmore wrote: > Once upon a time Saturday 30 June 2007, Axel Thimm wrote: > > > a) I replied to the "amazingly stupid" mail I received and got the > > above reply, at the very least the From/Reply-To was broken. > > > > b) I did sign the mail and the gpg key is actually the one registred > > at FAS, I just checked my FAS details. > > Axel, > > on every email you send i get "Message was signed by > Axel.Thimm@xxxxxxxxxxxxxxxxxxx (Key ID: 0x401552D4639A99F1). > Warning: The signature is bad." perhaps thats what happened. Hm, you either never refresh the public key cache, or your MUA/the gpg checking script can't cope with multiple uids in a key (unlikely, but has happened in rpm code before, so it's always worth checking). Try gpg --refresh-keys and see what happens. I bet at least your MUA will get back to senses. > any way its not something that should have happened and we will have > to try and determine why you got emailed in the first place. But let me add c) why on earth is my reply to the broken cron job being gpg checked at the first place? Let me recapitulate: o Some scripts decides that I don't have a bufgzilla account and sends me instructiosn to setup a bugzilla account under the name of my already exiting bugzilla acount. OK, a bug in the script with a false positive. o Replying to the mail applies some gpg checking to it (???). I would expect the destination of automated mail to be either noreply or if not to reach some person that can fix it. But somehow the destination is a gpg checking script, perhaps a mismatch of addresses (in the orginal script-mail) and the mail was sent to the CLS checking script ... o Finally the gpg check fails on a valid signature. Perhaps because the public gpg cache was filled with my key ages ago, perhaps because it now fails to detect multiple uids in the key (which was the same when I signed the CLA, so it would be a regression). Now three bugs in one? Why, am I a lucky bastard. -- Axel.Thimm at ATrpms.net
Attachment:
pgpZXpLtsjpLF.pgp
Description: PGP signature
