[PATCH] g10: Skip signing keys where no secret key is available.

Patrick Brunschwig patrick at enigmail.net
Wed Apr 26 08:22:31 CEST 2017


On 26.04.17 03:27, Daniel Kahn Gillmor wrote:
> On Mon 2017-02-06 09:57:59 +0100, Patrick Brunschwig wrote:
>> Would this patch still issue a "MISSING_KEY" line for --status-fd? If
>> no, you break existing logic (which for example Enigmail relies on).
> 
> in what case does enigmail expect a "MISSING_KEY" line?  the scenario is
> that the user has a primary key A and two valid, non-expired,
> signing-capable subkeys, B and C.  C is the newer subkey, and the user
> has specified that they want to sign with A.  We'd like to go ahead and
> sign with B if it is available and C is missing.
> 
> What should enigmail do in that case with a MISSING_KEY line?  shouldn't
> it just accept that a valid signature has been made?
> 
> I've pushed the proposed fix to a new git branch dkg/T1967, and updated
> https://dev.gnupg.org/T1967 to note that branch.

Sorry, I meant INV_SGNR. Enigmail looks for this when a message is
supposed to be signed but there is no suitable key.

-Patrick


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170426/66f335d0/attachment-0001.sig>


More information about the Gnupg-devel mailing list