[Enigmail] Keyservers mangle with subkey binding sigs (was Re: Sub-Key Look-Up)

[Jan Steffen]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Vlad "SATtva" Miller schrieb:
| John W. Moore III wrote on 18.01.2008 23:08:
|> Patrick Brunschwig wrote:
|
|>>> That's only a SUB-key ID. You'd have to look for my public key
|> 0xE443D6D8
|
|> I Searched hkp://pool.sks-keyservers.net for the sub-Key ID and was
|> rewarded with the complete Key.  :-D
|
| While on the topic of subkeys and keyservers, a couple of weeks ago I've
| discovered a weird thing. My key 0x8443620A consists of a main
| certification key and two subkeys: one for encryption and one for signing.
|
| Both subkeys have expired in the end of the last year, but I've chosen
| not to generate new and to simply extend life of existing subkeys for
| another few years, so I've re-signed them with extended expiration date
| and updated to keyservers. A few days later one of my correspondents
| contacted me saying that my key is expired and unusable. I've looked at
| keyservers, and was very surprised that they're not reflecting the
| changes made!

I'm not too deep into subkeys, but I just downloaded your key 0x8443620A
from a keyserver and it had tow subkeys 0x070E0B73 and 0x7D57ED51 both
valid till 1.1.2010.
But the self-signs on all the different Sub-IDs are expired on 5.1.2008.
All this didn't change when I imported the key from www.vladmiller.info

So my hint is to sign all the IDs too.

HTH, Jan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHkfloSa1Uad4+pFcRCNxXAJ4piPn4vGfX3WKONZaIEJ9sm8QsMwCcDHWS
EXmCohuQmfEWa+KNOvlBH4s=
=ggVs
-----END PGP SIGNATURE-----