Problems with v3 keys?

David Shaw dshaw@jabberwocky.com
Tue Feb 26 19:30:01 2002


On Tue, Feb 26, 2002 at 10:18:23AM -0800, Len Sassaman wrote:
> On Tue, 26 Feb 2002, David Shaw wrote:
> 
> > > And yes, I have allow-non-selfsigned-uid in my options file.
> >
> > The problem is the non-selfsigned uid.  The allow-non-selfsigned-uid
> > option allows you to import the key (which lets you use it to verify
> > signatures, etc).  It doesn't allow you to encrypt to it.
> 
> Ugh. That's broken behavior for allow-non-selfsigned-uid, isn't it?

It's documented that way ("This only allows the import - key
validation will fail and you have to check the validity of the key by
other means").

The fact that --always-trust doesn't let you use such a key is
certainly broken though :(

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson