On Sat, Jun 30, 2007 at 09:15:17AM -0500, Dennis Gilmore wrote:
Once upon a time Saturday 30 June 2007, Axel Thimm wrote:
> a) I replied to the "amazingly stupid" mail I received and got the
> above reply, at the very least the From/Reply-To was broken.
>
> b) I did sign the mail and the gpg key is actually the one registred
> at FAS, I just checked my FAS details.
Axel,
on every email you send i get "Message was signed by
Axel.Thimm(a)physik.fu-berlin.de (Key ID: 0x401552D4639A99F1).
Warning: The signature is bad." perhaps thats what happened.
Hm, you either never refresh the public key cache, or your MUA/the gpg
checking script can't cope with multiple uids in a key (unlikely, but
has happened in rpm code before, so it's always worth checking).
Try
gpg --refresh-keys
and see what happens. I bet at least your MUA will get back to senses.
any way its not something that should have happened and we will have
to try and determine why you got emailed in the first place.
But let me add
c) why on earth is my reply to the broken cron job being gpg checked
at the first place?
Let me recapitulate:
o Some scripts decides that I don't have a bufgzilla account and sends
me instructiosn to setup a bugzilla account under the name of my
already exiting bugzilla acount. OK, a bug in the script with a
false positive.
o Replying to the mail applies some gpg checking to it (???). I would
expect the destination of automated mail to be either noreply or if
not to reach some person that can fix it. But somehow the
destination is a gpg checking script, perhaps a mismatch of
addresses (in the orginal script-mail) and the mail was sent to the
CLS checking script ...
o Finally the gpg check fails on a valid signature. Perhaps because
the public gpg cache was filled with my key ages ago, perhaps
because it now fails to detect multiple uids in the key (which was
the same when I signed the CLA, so it would be a regression).
Now three bugs in one? Why, am I a lucky bastard.
--
Axel.Thimm at
ATrpms.net