I found an interesting KGPG problem. Could someone confirm this?
I use KPG version 2.14.1 (openSUSE 13.2 default):
> kgpg --version Qt: 4.8.6 KDE: 4.14.9 KGpg: 2.14.1
> cat /etc/os-release NAME=openSUSE VERSION="13.2 (Harlequin)" VERSION_ID="13.2" PRETTY_NAME="openSUSE 13.2 (Harlequin) (x86_64)"
The fingerprint of security@suse.de in gpg2:
> gpg2 --edit-key 58FC58B1317CD502 gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg: enabled debug flags: memstat
pub 4096R/0x58FC58B1317CD502 created: 2014-10-02 expires: never usage: SC trust: marginal validity: full sub 4096R/0x457446950DE80E03 created: 2014-10-02 expires: never usage: E [ full ] (1). SUSE Security Team
gpg> fpr pub 4096R/0x58FC58B1317CD502 2014-10-02 SUSE Security Team
Primary key fingerprint: E502 243D F6B7 E939 EA1B 4A0E 58FC 58B1 317C D502
The same fingerprint in KGPG:
Key properties: SUSE Security Team Key ID: 58FC58B1317CD502 Comment: none Creation: 02.10.2014 Expiration: Unlimited Trust: Full Owner trust: Marginally Algorithm: RSA/RSA Length: 4096/4096 Capabilities Signature, Encryption, Certification
Fingerprint
C2FE 18E6 D4A7 021A 787C B734 4574 4695 0DE8 0E03
Greetings, Björn
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----Ursprüngliche Nachricht Ende----- Sorry I do not get it. Where do you see a problem? The first key is the one probably in a safe place, the public key was exported, then a subkey for signing was generated probably on a smartcard, , kgpg then reports for what I see here the subkey. The fingerprint of the subkey is reported in short form
Kgpg states
C2FE 18E6 D4A7 021A 787C B734 4574 4695 0DE8 0E03 sub 4096R / 0x 4574 4695 0DE8 0E03
So, where do you see a problem here? Seems all right to me. The problem is that KGPG shows some kind of fingerprint, maybe the fingerprint of a subkey like you wrote.
But I need fingerprints to verify the correct transmission of public
keys.
The correct fingerprint of the SUSE Security Team is (see
https://en.opensuse.org/openSUSE:Security_team):
pub 4096R/317CD502 2014-10-02
Key fingerprint = E502 243D F6B7 E939 EA1B 4A0E 58FC 58B1 317C D502
uid [ full ] SUSE Security Team