On Thu, May 16, 2019 at 1:34 PM Arnd Bergmann <arnd@xxxxxxxx> wrote:
>
>
> I have reconfigured it locally now and pushed an identical tag with a
> new signature. Can you see if that gives you the same warning if you
> try to pull that?
No, same issue:
[torvalds@i7 linux]$ git fetch
git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic
tags/asm-generic-nommu
From ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic
* tag asm-generic-nommu -> FETCH_HEAD
[torvalds@i7 linux]$ git verify-tag FETCH_HEAD
gpg: Signature made Thu 16 May 2019 01:28:54 PM PDT
gpg: using RSA key 60AB47FFC9095227
gpg: bad data signature from key 60AB47FFC9095227: Wrong key usage
(0x00, 0x4)
gpg: Can't check signature: Wrong key usage
That's the same key you used previously.
I think you have to do some gpg edit-key magic or something, and then
the key need to be refreshed.
But I really despise the usability of gpg, so what do I know?
Linus
