bin/46930: netpgpverify reports right signatures as invalid

[gnrp%komkon2.de@localhost]

>Number:         46930
>Category:       bin
>Synopsis:       netpgpverify reports right signatures as invalid
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 09 12:50:00 +0000 2012
>Originator:     Julian Fagir
>Release:        6.0_RC1
>Organization:
>Environment:
NetBSD  6.0_RC1 NetBSD 6.0_RC1 (GENERIC) i386
>Description:
Trying to verify the signature of the hashfile, netpgpverify returns it being 
invalid, while gpg itself marks it as valid.
>How-To-Repeat:
$ ftp 
ftp://ftp.netbsd.org/pub/NetBSD/security/PGP/security-officer%netbsd.org.asc@localhost
$ gpg --import 'security-officer%netbsd.org.asc@localhost'
$ ftp ftp://ftp.netbsd.org/pub/NetBSD/security/hashes/NetBSD-6.0_RC1_hashes.asc
$ netpgpverify --verify NetBSD-6.0_RC1_hashes.asc 
"NetBSD-6.0_RC1_hashes.asc": verification failure: 1 invalid signatures, 0 
unknown signatures
$ gpg --verify NetBSD-6.0_RC1_hashes.asc 
gpg: Signature made Thu Aug 23 20:47:50 2012 CEST using RSA key ID 4C4A706E
gpg: Good signature from "NetBSD Security Officer 
<security-officer%NetBSD.org@localhost>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: DDEE 2BDB 9C98 A0D1 D4FB  DBF7 0649 73AC 4C4A 706E
>Fix: