subkey binding signature with no usage flags and/or a critical notation

Daniel Kahn Gillmor dkg at
Fri Mar 15 18:13:50 CET 2013

On 03/15/2013 10:52 AM, Werner Koch wrote:

> What about this untested patch against master:

I just tested it against 1.4.12, and it works for me:

0 dkg at alice:~/src/gnupg/usage-tests$ gpg --list-keys
uid:u::::1362476202::8A8AA0A65B6EC7E3D344786B37602CE3D91C1642::test key
with dsa subkey:
0 dkg at alice:~/src/gnupg/usage-tests$

thanks!  one minor note below:

> diff --git a/include/cipher.h b/include/cipher.h
> index 191e197..557ab70 100644
> --- a/include/cipher.h
> +++ b/include/cipher.h
> @@ -54,9 +54,14 @@
>  #define PUBKEY_USAGE_SIG     GCRY_PK_USAGE_SIGN  /* Good for signatures. */
>  #define PUBKEY_USAGE_ENC     GCRY_PK_USAGE_ENCR  /* Good for encryption. */
> -#define PUBKEY_USAGE_CERT    GCRY_PK_USAGE_CERT  /* Also good to certify keys. */
> +#define PUBKEY_USAGE_CERT    GCRY_PK_USAGE_CERT  /* Also good to certify keys.*/

^^ this whitespace change in the comments doesn't seem to be relevant or
necessary to me.

Do you think it's worth applying the small changeset i suggested earlier
that allows creation of all-zero usage flag subpacket as well, or is
that something that we should treat separately?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130315/d37e0cf6/attachment.sig>

More information about the Gnupg-devel mailing list