Key selection bug in 1.0.6a

[David Shaw]

--Kj7319i9nmIyA2yE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

I found a bug with the key selection code in 1.0.6a.  In 1.0.6, GnuPG
has a "bias" toward subkeys - if you have a subkey capable of
signatures, gpg will use it instead of the main signing key unless you
stick a ! on the keyid to show you meant to use the main signing key.

In 1.0.6a, the ! feature does not seem to work, so if you have a
subkey capable of signatures, you can never use the main key.

As an incidental question: I can see the point in using the subkey by
default when making signatures on documents, but is this the right
default for signing other keys?  I'm concerned that eventually people
are going to start stripping old revoked or expired subkeys from their
keys, and that will hurt the web of trust.

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--Kj7319i9nmIyA2yE
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iQEVAwUBO5lI1Yccwqs8s7QVAQFFHwf/WKf1EFOoT/Xm88NTBA7Ps6FB4ur8MXRz
W+0QIXjdEcE3dFhGF0EK1OlGdCr0WKbpXPh+RDSodg3EkOEsQZ8926KyrW5zZ7o9
1KZZ8ApkC4/0KOqGLxTySrdLX1iTOBDxRoQa1tSF0FF2aT3t/grRhEd6reuulGHZ
XpRhPKNF6Tv/y1b3BiN5OF62ISXRi0CYh6ovuKmX2AfI3Qnue1pftDdd/fUuFfIR
PEA4xFgMegXjD6MFvxf7+Be1xH19BKxta9T7I8aidiuW839Iw+dgRcqB9yUOtzR9
1caf/3O4J4hSTAmN42B+84T9v83r8WytxG67HvqPaWHmkUAhKb7baw==
=4JO2
-----END PGP SIGNATURE-----

--Kj7319i9nmIyA2yE--