[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Error processing Fedora Account System email



On Sat, Jun 30, 2007 at 09:15:17AM -0500, Dennis Gilmore wrote:
> Once upon a time Saturday 30 June 2007, Axel Thimm wrote:
> 
> > a) I replied to the "amazingly stupid" mail I received and got the
> >    above reply, at the very least the From/Reply-To was broken.
> >
> > b) I did sign the mail and the gpg key is actually the one registred
> >    at FAS, I just checked my FAS details.
> 
> Axel, 
> 
> on every email you send i get "Message was signed by 
> Axel Thimm physik fu-berlin de (Key ID: 0x401552D4639A99F1).
> Warning: The signature is bad."   perhaps thats what happened.

Hm, you either never refresh the public key cache, or your MUA/the gpg
checking script can't cope with multiple uids in a key (unlikely, but
has happened in rpm code before, so it's always worth checking).

Try

gpg --refresh-keys

and see what happens. I bet at least your MUA will get back to senses.

> any way its not something that should have happened and we will have
> to try and determine why you got emailed in the first place.

But let me add

c) why on earth is my reply to the broken cron job being gpg checked
   at the first place?

Let me recapitulate:

o Some scripts decides that I don't have a bufgzilla account and sends
  me instructiosn to setup a bugzilla account under the name of my
  already exiting bugzilla acount. OK, a bug in the script with a
  false positive.

o Replying to the mail applies some gpg checking to it (???). I would
  expect the destination of automated mail to be either noreply or if
  not to reach some person that can fix it. But somehow the
  destination is a gpg checking script, perhaps a mismatch of
  addresses (in the orginal script-mail) and the mail was sent to the
  CLS checking script ...

o Finally the gpg check fails on a valid signature. Perhaps because
  the public gpg cache was filled with my key ages ago, perhaps
  because it now fails to detect multiple uids in the key (which was
  the same when I signed the CLA, so it would be a regression).

Now three bugs in one? Why, am I a lucky bastard.
-- 
Axel.Thimm at ATrpms.net

Attachment: pgp9peYvk2Me2.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]