[PATCH] g10: Skip signing keys where no secret key is available.
Patrick Brunschwig
patrick at enigmail.net
Wed Apr 26 08:22:31 CEST 2017
On 26.04.17 03:27, Daniel Kahn Gillmor wrote:
> On Mon 2017-02-06 09:57:59 +0100, Patrick Brunschwig wrote:
>> Would this patch still issue a "MISSING_KEY" line for --status-fd? If
>> no, you break existing logic (which for example Enigmail relies on).
>
> in what case does enigmail expect a "MISSING_KEY" line? the scenario is
> that the user has a primary key A and two valid, non-expired,
> signing-capable subkeys, B and C. C is the newer subkey, and the user
> has specified that they want to sign with A. We'd like to go ahead and
> sign with B if it is available and C is missing.
>
> What should enigmail do in that case with a MISSING_KEY line? shouldn't
> it just accept that a valid signature has been made?
>
> I've pushed the proposed fix to a new git branch dkg/T1967, and updated
> https://dev.gnupg.org/T1967 to note that branch.
Sorry, I meant INV_SGNR. Enigmail looks for this when a message is
supposed to be signed but there is no suitable key.
-Patrick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170426/66f335d0/attachment-0001.sig>
More information about the Gnupg-devel
mailing list