[PATCH] g10: Skip signing keys where no secret key is available.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Apr 26 03:27:41 CEST 2017
On Mon 2017-02-06 09:57:59 +0100, Patrick Brunschwig wrote:
> Would this patch still issue a "MISSING_KEY" line for --status-fd? If
> no, you break existing logic (which for example Enigmail relies on).
in what case does enigmail expect a "MISSING_KEY" line? the scenario is
that the user has a primary key A and two valid, non-expired,
signing-capable subkeys, B and C. C is the newer subkey, and the user
has specified that they want to sign with A. We'd like to go ahead and
sign with B if it is available and C is missing.
What should enigmail do in that case with a MISSING_KEY line? shouldn't
it just accept that a valid signature has been made?
I've pushed the proposed fix to a new git branch dkg/T1967, and updated
https://dev.gnupg.org/T1967 to note that branch.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170425/6c9dfc9c/attachment.sig>
More information about the Gnupg-devel
mailing list