GNU bug report logs - #40118
27.0.90; Signing emails with gpg

Previous Next

Package: emacs;

Reported by: Sharon Kimble <boudiccas <at> skimble.plus.com>

Date: Wed, 18 Mar 2020 14:52:01 UTC

Severity: normal

Tags: fixed

Found in version 27.0.90

Fixed in versions 27.2, 28.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

Message #17 received at 40118 <at> debbugs.gnu.org (full text, mbox):

From: Robert Pluim <rpluim <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: stepnem <at> gmail.com, 40118 <at> debbugs.gnu.org, boudiccas <at> skimble.plus.com
Subject: Re: bug#40118: 27.0.90; Signing emails with gpg
Date: Thu, 16 Apr 2020 11:44:51 +0200

>>>>> On Wed, 15 Apr 2020 19:45:27 +0300, Eli Zaretskii <eliz <at> gnu.org> said:

    >> From: Robert Pluim <rpluim <at> gmail.com>
    >> Date: Wed, 15 Apr 2020 18:37:51 +0200
    >> Cc: 40118 <at> debbugs.gnu.org, Sharon Kimble <boudiccas <at> skimble.plus.com>
    >> 
    >> mml-secure-smime-sign-with sender has no effect when signing with pgp,
    >> you'd need to set mml-secure-openpgp-sign-with-sender.
    >> 
    >> I can adjust the message easily enough, but I honestly think both of
    >> those variables should default to t, not nil. And I think we should do
    >> that in emacs-27 [1]. Eli?

    Eli> I don't think I understand the issue well enough to have an opinion on
    Eli> its merits and demerits.

In emacs-26, mml-secure-epg-sign could specify that a message should
be signed with a key based on the senderʼs email address. If the
variable governing that was nil, it was left to gpg to figure out the
key to use. Normally that means gpg uses its default key.

In emacs-27, mml-secure-epg-sign now checks explicitly whether that
variable is nil, and refuses to continue. With an error message that
in at least 50% of the cases points the user to the wrong user
option. This is a regression from emacs-26.

Fixing the error message is easy. Iʼm proposing that by default the
senderʼs email address is used to determine the key to use, since
thatʼs what almost everyone will want. People who donʼt want that can
control the behaviour by either adding keys to
'mml-secure-openpgp-signers' or by setting 'mm-sign-option' to
'guided.

Robert
This bug report was last modified 4 years and 236 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.