From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp0.migadu.com ([2001:41d0:303:e16b::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms13.migadu.com with LMTPS
	id IB0FBAhlhWbbIAEAqHPOHw:P1
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 03 Jul 2024 14:49:44 +0000
Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0.migadu.com with LMTPS
	id IB0FBAhlhWbbIAEAqHPOHw
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 03 Jul 2024 16:49:44 +0200
X-Envelope-To: larch@yhetil.org
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=lendvai.name header.s=protonmail2 header.b=LCi+vwHo;
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org";
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=lendvai.name (policy=none)
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1720018184;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:resent-cc:
	 resent-from:resent-sender:resent-message-id:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post:dkim-signature;
	bh=vBiEjs8QV4p0CcvMURugMiVe6/DjLQ+msT6fX5+xsq8=;
	b=dPXNF6hGNEuokRBUOz2X+JZTCDanjAiLiYrv9q/r1xCjpgoN/dQklB5Yidy1nehT/XphC3
	0InrAgZQcBKzrvpViq1pgHVr96MdICFVvg6DhzrQDozn43tcYljbWvjvov5JamXM3bmTLR
	2vr4UGDhPXcYTCOWpIrCopVMTbF8M3BFkHiIBHUB7PyojSzhR4MGoDET8dHRH6ylTEgzBv
	R2U+Kd2uD0PL7z1idk4Nw9UbXJ5j4razU3sMdNMW5tZcaf2F5+YWA8FTIkcF11FpQI7aL9
	t8Zrj9EWXT6sKZv4l5SvYDs8fHG06Lv8A6ngg3tIQt6qrOvBBHqbkKnQfJlPfg==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=lendvai.name header.s=protonmail2 header.b=LCi+vwHo;
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org";
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=lendvai.name (policy=none)
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1720018184; a=rsa-sha256; cv=none;
	b=WzrxkBVr65WbEaS48sBCcKkk0PPZXzBeYHTm3lxYLVyFyStvdfca4rguAfxE5kWpEgtGaP
	xubx3e9rowA2VYC4X2WbSruHZdyXRWj7G7CMV6QghhHZSg29E4fJeWIuzNA2my0Eeoyajq
	y4cYpTdYW/xrr73K6f49HcfBrOJ3OH9GSO9toJG1KhAzfaED5CYbWDD6dI0n3C66cnbrYg
	B1N/wY6pKS2xGPrY5OxV4+d7u1rt2Chs5k5jwIC95fNCVfGe7+6QZQ1cMd6VlLzsVZJ9xj
	vNHnsBbDSiX9SQzv+0h+ta8KR2sMf9qpv/zIYW6bPQpMZ4G5Ef9mqjPaV+oZ9g==
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 775C615C52
	for <larch@yhetil.org>; Wed,  3 Jul 2024 16:49:43 +0200 (CEST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces@gnu.org>)
	id 1sP1I7-0005Fv-Dp; Wed, 03 Jul 2024 10:49:03 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sP1I5-0005Ek-5b
 for bug-guix@gnu.org; Wed, 03 Jul 2024 10:49:01 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sP1I4-0007OE-TD
 for bug-guix@gnu.org; Wed, 03 Jul 2024 10:49:00 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1sP1I6-0003PE-AJ
 for bug-guix@gnu.org; Wed, 03 Jul 2024 10:49:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: bug#71918: [DOCUMENTATION] the suggested key import method for `guix
 refresh` doesn't work
Resent-From: Attila Lendvai <attila@lendvai.name>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Wed, 03 Jul 2024 14:49:02 +0000
Resent-Message-ID: <handler.71918.B.172001814113083@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 71918
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 71918@debbugs.gnu.org
X-Debbugs-Original-To: "bug-guix@gnu.org" <bug-guix@gnu.org>
Received: via spool by submit@debbugs.gnu.org id=B.172001814113083
 (code B ref -1); Wed, 03 Jul 2024 14:49:02 +0000
Received: (at submit) by debbugs.gnu.org; 3 Jul 2024 14:49:01 +0000
Received: from localhost ([127.0.0.1]:40036 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1sP1I4-0003Ox-S3
 for submit@debbugs.gnu.org; Wed, 03 Jul 2024 10:49:01 -0400
Received: from lists.gnu.org ([209.51.188.17]:42876)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <attila@lendvai.name>) id 1sP1I2-0003Oo-8D
 for submit@debbugs.gnu.org; Wed, 03 Jul 2024 10:48:59 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <attila@lendvai.name>)
 id 1sP1I0-0005BX-5S
 for bug-guix@gnu.org; Wed, 03 Jul 2024 10:48:56 -0400
Received: from mail-40136.proton.ch ([185.70.40.136])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <attila@lendvai.name>)
 id 1sP1Hw-0007LC-A9
 for bug-guix@gnu.org; Wed, 03 Jul 2024 10:48:55 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lendvai.name;
 s=protonmail2; t=1720018119; x=1720277319;
 bh=vBiEjs8QV4p0CcvMURugMiVe6/DjLQ+msT6fX5+xsq8=;
 h=Date:To:From:Subject:Message-ID:Feedback-ID:From:To:Cc:Date:
 Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector;
 b=LCi+vwHoH5UAAoLIMpSQvvv3DxO3OqMAZSnmi6U4EluTWt7QPs0jkGaMfeXJJPhDc
 kI66rRZQ1MZHD3i0lbRlQvCdbGawcBufSNQRpcLhoNVrcQ7LILsIrB16mgHOP2JS58
 CbOLh+VWoyL2d8DtXqw232QfehgjB4tZ66+G0KOrReHLOUns/gAx+B9oWvtTzIrDB+
 Uo7L0Pc1l2dU82tYRlmQINIjaP2Dv6pEBxcFG5PhoFpQsj07r4fOTIPJkZ/2wF+eMm
 Ne8OyK4/6ZO/rhPRncCvxIcW+ubQbyd53shRrjtJn09PkOqdX3DbbIkb552dIxuRLa
 xvM5FZh36e7aA==
Date: Wed, 03 Jul 2024 14:48:36 +0000
From: Attila Lendvai <attila@lendvai.name>
Message-ID: <_TcKcHLWR_gyyLDawENHrF2MiM71SNqvUuZrAMgUSnTZU_COPcAvJG2xT0eTt-uNZoEoD_OKqRnSSCEy_MIUId_LSGIZD_VSc_HVJ8YUdnE=@lendvai.name>
Feedback-ID: 28384833:user:proton
X-Pm-Message-ID: b16b5098d51776fcedafcfbab43d39972dc1345f
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=185.70.40.136; envelope-from=attila@lendvai.name; 
 helo=mail-40136.proton.ch
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, 
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: bug-guix-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
X-Migadu-Queue-Id: 775C615C52
X-Migadu-Scanner: mx13.migadu.com
X-Migadu-Spam-Score: -5.49
X-Spam-Score: -5.49
X-TUID: pkfEaoc7GRZJ

context:
--------

i was trying to:

$ ./pre-inst-env guix refresh --update dropbear

but the key is not imported, because "no user ID". apparently some keyserve=
rs drop the user id for privacy reasons.


the problem:
------------

then i went to the manual, and it suggests:

$ gpg --export rms@gnu.org | kbxutil --import-openpgp >> mykeyring.kbx

and i ran:

$ curl https://matt.ucc.asn.au/dropbear/releases/dropbear-key-2015.asc | gp=
g --import
$ gpg --export F7347EF2EE2E07A267628CA944931494F29C6773 | kbxutil --import-=
openpgp >>~/.config/guix/upstream/trustedkeys.kbx

it ran without errors, but when i tried to guix refresh it failed with:

gpgv: [don't know]: invalid packet (ctb=3D00)

i double checked, and made sure the trustedkeys.kbx was empty prior to runn=
ing the above.


analysis:
---------

i ran the following after guix refresh has successfully imported the key:

$ gpg --export F7347EF2EE2E07A267628CA944931494F29C6773 | kbxutil --import-=
openpgp >x
$ file x
x: data
$ file ~/.config/guix/upstream/trustedkeys.kbx
/home/user/.config/guix/upstream/trustedkeys.kbx: OpenPGP Public Key Versio=
n 4, Created Mon Jun 29 12:53:01 2015, RSA (Encrypt or Sign, 4096 bits)
$ ll x
-rw-r--r-- 1 user users 1883 Jul  3 16:41 x
$ ll ~/.config/guix/upstream/trustedkeys.kbx
-rw-r--r-- 1 user users 1208 Jul  3 16:18 /home/user/.config/guix/upstream/=
trustedkeys.kbx

i.e. what the manual suggests results in a different file format than what =
guix refresh creates/expects.


workaround:
-----------

in the end i cleared the trustedkeys.kbx file, and i used another keyserver=
 that doesn't strip the ID:

./pre-inst-env guix refresh --key-server=3D"hkps://keyserver.ubuntu.com" --=
update dropbear

--
=E2=80=A2 attila lendvai
=E2=80=A2 PGP: 963F 5D5F 45C7 DFCD 0A39
--
=E2=80=9CGood people don=E2=80=99t need laws to tell them to act responsibl=
y, and bad people will find a way around the laws.=E2=80=9D
=09=E2=80=94 Plato (c. 427=E2=80=93347 BC)