Prefer a currently available signing subkey?

Juan Miguel Navarro Martínez juanmi.3000 at
Thu Apr 20 02:36:16 CEST 2017

On 2017-04-19 at 17:46, Daniel Kahn Gillmor wrote:
> The open report is

Is it possible that is a duplicate of this report too?

Both are about a capable subkey not being used on GnuPG Modern branch
because it prefers a subkey with its missing secret part. Plus there was
a patch which seemed to work for 2.1.18.

It would be nice for that bug or regression from 1.4/2.0 due to the
change of secret keyring to finally be fixed or, if it was not a bug, a
feature to be added, as the only workarounds are:

- Using `-u $SubkeyFingerprint!` which works if you only use GnuPG CLI.
  Git, Enigmail or other tools are a no-go.

- Using `default-key $SubkeyFingerprint!` which is a pain if you have
  two master keys.

- Delete the subkey public parts for the missing subkeys which is
  boring to do after each `gpg --refresh`.

- Forget about having multiple subkeys with the same capabilities cause
  that's a no-go if you don't like the previous workarounds.

Juan Miguel Navarro Martínez

GPG Keyfingerprint:
5A91 90D4 CF27 9D52 D62A
BC58 88E2 947F 9BC6 B3CF

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170420/a1d6f769/attachment.sig>

More information about the Gnupg-users mailing list