Stephan Hugel venit, vidit, dixit 05.10.2010 02:17: > On 5 October 2010 00:59, Daniel Johnson <computerdruid@xxxxxxxxx> wrote: >> On Monday 04 October 2010 19:04:51 Stephan Hugel wrote: >>> Daniel, >>> Those are the exact steps I'm using. >>> >>> When I run tag -v on existing tags, I don't see the >>> >>> -----BEGIN PGP MESSAGE----- >>> Version: GnuPG v1.4.9 (Darwin) >>> >>> iD8DBQBMqlpo8Y2TgZsQ1pARAmBQAJ9NV0IX7jlzeB8ogddlutFKAjyWJwCfSI5A >>> yZeXw/EddYrfdad/VvOrL1o= >>> =/0PJ >>> -----END PGP MESSAGEââ >>> >>> block. It's only present on tags created using the current version. >>> I've also just upgraded to GnuPG 1.4.10, but the result is the same. >>> I'm not sure how else I can determine where the problem arises; I'm >>> using the git and GnuPG versions for OS X built by homebrew, and GnuPG >>> is happy to use the same key for en/decryption and signing. I've also >>> verified that none of the subkeys are expired, and that the trust db >>> is OK. >> >> If you have the tests available, can you try running t7004 to see if it fails >> there too? >> > I rebuilt and installed from source > Passed all 105 tests in t7004-tag.sh > Problem remains with tags I create > > This would seem to imply a problem with my key, even though nothing > else is complaining about it. Here's a very basic way to check: If foo is your tag, do git cat-file tag foo > a git cat-file tag foo > a.sig >From the file "a", delete the signature (everything lines between and including "-----BEGIN/END PGP SIGNATURE-----"), invoking an editor or your favorite sed/awk/perl magic. a is the data on which git invoked gpg for signing the tag. (I'm not sure why gpg can't notice the inline sig directly but that doesn't matter; maybe because it is none ;)) Now, gpg --verify a.sig should check the signature a.sig for a. Doing that, maybe with --verbose, you may find out whether the tag object is bogus or git misunderstands gpg's response. If your key is on a key server you can also share the file a.sig with us so that we can check. Michael -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html