GNU bug report logs - #7797
24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $SENDER`

Previous Next

Packages: emacs, gnus;

Reported by: Luca Capello <luca <at> pca.it>

Date: Thu, 6 Jan 2011 23:24:02 UTC

Severity: normal

Found in version 24.0.50

Done: Chong Yidong <cyd <at> stupidchicken.com>

Bug is archived. No further changes may be made.

Full log

Message #16 received at 7797 <at> debbugs.gnu.org (full text, mbox):

From: Luca Capello <luca <at> pca.it>
To: Daiki Ueno <ueno <at> unixuser.org>
Cc: rfrancoise <at> debian.org, Ashish SHUKLA <wahjava.ml <at> gmail.com>,
	Daniel Dehennin <daniel.dehennin <at> baby-gnu.org>, 7797 <at> debbugs.gnu.org
Subject: Re: bug#7797: 24.0.50;
	[EasyPG/Gnus] always pick up the first key from `gpg --list-key
	$SENDER`
Date: Fri, 07 Jan 2011 11:17:57 +0100

[Message part 1 (text/plain, inline)]
reopen 7797
thanks

Hi Daiki!

On Fri, 07 Jan 2011 10:34:59 +0100, Daiki Ueno wrote:
> Daiki Ueno <ueno <at> unixuser.org> writes:
>
>> Luca Capello <luca <at> pca.it> writes:
>>
>>> gpg: skipped "8D3867D89DDB992B": unusable secret key
>>> gpg: signing failed: unusable secret key
>>
>> You may want to try the patch I posted last month:
>> http://lists.gnu.org/archive/html/emacs-devel/2010-12/msg00624.html

Thank you for the link, I was quite disappointed no one reported it on
the GNU BTS.  I added both Ashish and Daniel to the cc:, discussion
requested below.

>> Although this patch is a workaround, I'm going to push it for the time
>> being.
>
> OK, I fixed this in a better way (r102771).

Please, can you post it here, so I do not have to download the bzr
repository?  The Savannah bzr repository is disabled
<http://bzr.savannah.gnu.org/lh/emacs> and the Launhpad one
<http://bazaar.launchpad.net/~vcs-imports/emacs/trunk/files> does not
have it yet.

> My test case is:
>
> $ mv .gnupg .gnupg.bak
> $ gpg --gen-key # create a key foo <at> example.com
> $ gpg --gen-key # create a key bar <at> example.com
> $ gpg --gen-key # create a key baz <at> example.com
> $ gpg --edit-key foo <at> example.com # revoke foo <at> example.com
> $ gpg --delete-secret-key bar <at> example.com
>
> (mml2015-epg-find-usable-secret-key
>   (epg-make-context 'OpenPGP) "foo <at> example.com" 'sign)
> => nil
> (mml2015-epg-find-usable-secret-key
>   (epg-make-context 'OpenPGP) "bar <at> example.com" 'sign)
> => nil
> (mml2015-epg-find-usable-secret-key
>   (epg-make-context 'OpenPGP) "baz <at> example.com" 'sign)
> => (epg-key . ...)

I am sorry, but I still think this is not the correct solution, thus I
reopened the bug (control server bcc:ed).  I think the cases should be
the following, which I have (sort of) explained in my first post and it
is similar to Ashish's one at:

  <http://lists.gnu.org/archive/html/emacs-devel/2010-12/msg00612.html>

1) by default, EasyPG does not pass any key-id to GnuPG, simply relying
   on ~/.gnupg/gpg.conf.  After all, GnuPG configuration is done there,
   and *by default* all the other programs working with GnuPG should
   obey that configuration.

   And this is how I read `mm-sign-option':

     Option how to create signed parts.
     nil, use the default keys without asking;
     `guided', let you select signing keys from the menu.

   However, `mm-encrypt-option' contains the real behavior according to
   the code:

     Option of creating encrypted parts.
     nil, use the first public-key matching the "From:" header as the
      recipient;
     `guided', ask user to select recipient keys from the menu.
   
2) if `mml2015-signers' is set, it overrides point 1.

   BTW1, the documentation for that variable should be corrected: AFAIK
   you can set it to multiple keys, which means that the documentation
   should read "A list of your own key ID(s)...", note the plural.

   BTW2, this variable is not mentioned in any file in the doc/ folder,
   which is another bug.

3) introduce a new `mml2015-use-from-address' variable:
   - if set, it then acts like the way you explain above.
   - if not set, nothing changes WRT to points 1 and 2.

4) introduce also a new `mml2015-default-user-id' variable, which, if
   set, overrides *everything* from the above, similar to
   `pgg-default-user-id' reported by Ashish at the link above.

I would have wanted to reply only after having implemented my solution,
but since I am quite busy right now (and I will be for the whole next
week as well), it is better to put here my ideas *now*.  For this
reason, I have probably missed something of the whole situation, thus
please forgive me.

Thx, bye,
Gismo / Luca

[Message part 2 (application/pgp-signature, inline)]
This bug report was last modified 14 years and 182 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.