[Gpg4win-users-en] Own key's validity gets set from ultimate to undef when signing a key that signed you (again)

Chris Jacobs ctjacobs at drschrisjacobs.nl
Wed Apr 3 17:11:11 CEST 2024

Using Gpg4win-4.3.1 on command line Windows 11


An old bug, closed and resolved in 2015

But I was able to reproduce it on a new system.

To reproduce it, in Kleopatra:
create a keypair for Peter
create a keypair for Paul
sign Peter with Paul
sign Paul with Peter
export the public key of Paul
delete the keypair of Paul
import the public key of Paul
The key of Peter goes now to not certified

See how this looks from the command prompt:
PS C:\Users\chris> gpg --edit-key peter
gpg (GnuPG) 2.4.5; Copyright (C) 2024 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  ed25519/7DA38DF695D8428F
      created: 2024-04-03  expires: 2027-04-03  usage: SC
      trust: ultimate      validity: undefined
ssb  cv25519/031A6453BCA5E459
      created: 2024-04-03  expires: 2027-04-03  usage: E
[  undef ] (1). Peter

So the trust is still ultimate but the validity is gone

Back to Kleopatra:
delete paul
Peter is back to certified again
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20240403/759c9dbf/attachment.html>

More information about the Gpg4win-users-en mailing list