GNU bug report logs -
#13551
24.3.50; epa-mail-encrypt chooses wrong key
Previous Next
Reported by: rms <at> gnu.org
Date: Fri, 25 Jan 2013 21:33:01 UTC
Severity: wishlist
Found in version 24.3.50
Full log
Message #27 received at 13551 <at> debbugs.gnu.org (full text, mbox):
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> Emacs cannot possibly know that when you send to "arthur", that that
> email will eventually end up going to "arthur <at> gnu.org".
Sure it can. It could get the domain from mail-host-address. We
could also create another variable specifically to control this.
The current behavior, as you described it, is not much better
security. It is unpredictable in practice for the user. However,
I am not sure how much security issue there is in sending A a message
encrypted for B. Nobody can decrypt that message.
I have seen reason to think that the current behavior doesn't match
what you described. I entered "To: rms" and encrypted the message.
It recognized that was me, rms <at> gnu.org, and encrypted with my key.
It did this even though my key does not list 'rms' with no host name as
an address (as far as I can tell).
gpg --edit-key rms <at> gnu.org gave me this:
pub 4096R/2C6464AF2A8E4C02 created: 2013-07-20 expires: never usage: SC
...
sub ...
[ultimate] (1). Richard Stallman <rms <at> gnu.org>
If the key had another address, wouldn't it be listed there?
In addition, after I run the encryption command,
plain 'rms' has been edited into 'rms <at> gnu.org'. How does it know
to make that change?
--
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
This bug report was last modified 123 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.