Problems with v3 keys?
David Shaw
dshaw@jabberwocky.com
Tue Feb 26 19:30:01 2002
On Tue, Feb 26, 2002 at 10:18:23AM -0800, Len Sassaman wrote:
> On Tue, 26 Feb 2002, David Shaw wrote:
>
> > > And yes, I have allow-non-selfsigned-uid in my options file.
> >
> > The problem is the non-selfsigned uid. The allow-non-selfsigned-uid
> > option allows you to import the key (which lets you use it to verify
> > signatures, etc). It doesn't allow you to encrypt to it.
>
> Ugh. That's broken behavior for allow-non-selfsigned-uid, isn't it?
It's documented that way ("This only allows the import - key
validation will fail and you have to check the validity of the key by
other means").
The fact that --always-trust doesn't let you use such a key is
certainly broken though :(
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson