Daiki Ueno writes: > Łukasz Stelmach writes: > >> The patch needed a fix: there was a space before tab and my name for the >> changelog has been messed up (maybe due to encoding issues?). > > Perhaps it is because I didn't use attachment, but just inserted the > patch into the mail. It will be fixed in the git commit. > >> There are two more issues: >> >> 1. mml2015-find-usable-key is called from >> mml2015-epg-find-usable-secret-key. Your patch hasn't changed the >> invocation. > > Oops, right. Thanks for pointing this out. > >> 2. IMHO mml2015-epg-check-user-id should return true if a key id is >> passed as a uid to check. I assume that if a caller passes id to >> mml2015-find-usable-key find > > Yes, > >> + (string-match >> + "^\\(0x\\)?[[:xdigit:]]\\{8\\}\\([[:xdigit:]]\\{8\\}\\)?$" >> + recipient)) > > I think this can be simplified to: > > (not (string-match "\\`<" recipient)) > > since all the mml2015-epg-* functions normalize recipient addresses in > the form of "", so they only match email addresses. Indeed, however I still think we should check this the hard way: return t if and *only* if it is a key-id. The simpler check *might* result in information disclosure if a message is encrypted to a revoked uid. PS. This is a followup to some direct e-mails. -- Miłego dnia, Łukasz