From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/82904 Path: news.gmane.org!not-for-mail From: Daiki Ueno Newsgroups: gmane.emacs.gnus.general Subject: Re: [BUG] mml2015-epg-find-usable-key finds unusable key Date: Sun, 17 Feb 2013 12:12:49 +0900 Message-ID: <878v6nskem.fsf-ueno@gnu.org> References: <87fw106la1.fsf%stlman@poczta.fm> <87bobk85tv.fsf%stlman@poczta.fm> <871ucg6k2g.fsf%stlman@poczta.fm> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Trace: ger.gmane.org 1361070844 3704 80.91.229.3 (17 Feb 2013 03:14:04 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 17 Feb 2013 03:14:04 +0000 (UTC) Cc: ding@gnus.org To: =?utf-8?Q?=C5=81ukasz?= Stelmach Original-X-From: ding-owner+M31170@lists.math.uh.edu Sun Feb 17 04:14:26 2013 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1U6uht-0004u8-RJ for ding-account@gmane.org; Sun, 17 Feb 2013 04:14:26 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1U6ugY-0002XQ-9F; Sat, 16 Feb 2013 21:13:02 -0600 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1U6ugV-0002XA-GH for ding@lists.math.uh.edu; Sat, 16 Feb 2013 21:12:59 -0600 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) (envelope-from ) id 1U6ugT-00069n-Mp for ding@lists.math.uh.edu; Sat, 16 Feb 2013 21:12:58 -0600 Original-Received: from fencepost.gnu.org ([208.118.235.10] ident=Debian-exim) by quimby.gnus.org with esmtp (Exim 4.72) (envelope-from ) id 1U6ugS-0005s1-2p for ding@gnus.org; Sun, 17 Feb 2013 04:12:56 +0100 Original-Received: from [2001:e41:db5e:fb14::1] (port=43566 helo=debian) by fencepost.gnu.org with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1U6ugP-0003CH-R9; Sat, 16 Feb 2013 22:12:54 -0500 In-Reply-To: <871ucg6k2g.fsf%stlman@poczta.fm> (=?utf-8?Q?=22=C5=81ukasz?= Stelmach"'s message of "Sat, 16 Feb 2013 22:11:03 +0100") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux) X-Spam-Score: -7.9 (-------) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:82904 Archived-At: =C5=81ukasz Stelmach writes: >>> + (string-match >>> + "^\\(0x\\)?[[:xdigit:]]\\{8\\}\\([[:xdigit:]]\\{8\\}\\)?$" >>> + recipient)) >> >> I think this can be simplified to: >> >> (not (string-match "\\`<" recipient)) >> >> since all the mml2015-epg-* functions normalize recipient addresses in >> the form of "", so they only match email addresses. > > Indeed, however I still think we should check this the hard way: return > t if and *only* if it is a key-id. The simpler check *might* result in > information disclosure if a message is encrypted to a revoked uid. Sorry, I don't quite understand here. What's the senario you are thinking of? I think the only case RECIPIENT doesn't start with "<" is, a user sets mml2015-signers manually. How does it cause information disclosure? Regards, --=20 Daiki Ueno