Gnus development mailing list
From: Mark Trettin <mtr-dev0@gmx.de>
Subject: Re: pgg doesn't mention that the signature is untrusted
Date: Thu, 17 Oct 2002 12:57:05 +0200
Message-ID: <m3n0pd1gfy.fsf@beldin.mt743742.dialup.rwth-aachen.de>
In-Reply-To: <iluy99538yi.fsf@latte.josefsson.org> (Simon Josefsson's message of "Fri, 11 Oct 2002 06:17:41 +0200")

* On: Fri, 11 Oct 2002 06:17:41 +0200 Simon Josefsson writes:

[ sorry for the late response ]

> Josh Huber <huber@alum.wpi.edu> writes:
>> Simon Josefsson <jas@extundo.com> writes:
>> 
>>> Not here, it seems to be a bug; PGG stores the passphrase on the key
>>> ID actually used by GnuPG to sign something, but it later looks up
>>> the passphrase using the first private key ID from
>>> --list-secret-keys.  This didn't work for me as I have many secret
>>> keys.  Hm.  Shouldn't be difficult to fix, I think.
>> 
>> Perhaps it works for me because of this configuration?
>> 
>> (setq jmh::primary-key "6B21489A")
>> (setq pgg-passphrase-cache-expiry 300)
>> (setq pgg-default-user-id jmh::primary-key)

> Yes, I leave the `pgg-default-user-id' to its default value "jas",
> which matches several keys and PGG picks the first one which turns out
> to be an expired key I don't use anymore.  PGG should handle this
> without additional configuration IMHO.  I added it to my TODO list..

I figured out when caching works (for me) and when it doesn't.

It works for all mails *I* encrypted to¹ myself and another recipient.
But it does not work for mails that were encrypted by others *to* me
and themselves. Then PGG always asks me for the passphrase of the
sender's key-id. Tested with gpg v1.0.6 and v1.2.0.

,----
| [GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
| [GNUPG:] USERID_HINT 1DED9050DB90BB4A Mark Trettin <snipped>
| [GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
| [GNUPG:] GOOD_PASSPHRASE
| [GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
| [GNUPG:] NO_SECKEY 4138A8C151C7A0DB
| [GNUPG:] BEGIN_DECRYPTION
| [GNUPG:] SIG_ID TKhfrEdHg1EpB1U9HyVpUWL/G/0 2002-10-14 1034624614
| [GNUPG:] GOODSIG 9D8F3593032E13AC Yvonne Hoffmüller <snipped>
| [GNUPG:] VALIDSIG D2F106C3873507C8F06446069D8F3593032E13AC 2002-10-14 1034624614 0
| [GNUPG:] TRUST_FULLY
| [GNUPG:] DECRYPTION_OKAY
| [GNUPG:] GOODMDC
| [GNUPG:] END_DECRYPTION
`----

Every time I visit the above mail I need to re-enter my passphrase.

,----
| [GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
| [GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
| [GNUPG:] USERID_HINT 1DED9050DB90BB4A Mark Trettin <snipped>
| [GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
| [GNUPG:] GOOD_PASSPHRASE
| [GNUPG:] NO_SECKEY 4138A8C151C7A0DB
| [GNUPG:] BEGIN_DECRYPTION
| [GNUPG:] SIG_ID g3fcQ49lvXr5KM8ecQ82mt2YyyI 2002-10-14 1034630253
| [GNUPG:] GOODSIG AE51CC4123467AF1 Mark Trettin <snipped>
| [GNUPG:] VALIDSIG EB0DE52C22DB340030AF11D9AE51CC4123467AF1 2002-10-14 1034630253 0
| [GNUPG:] TRUST_ULTIMATE
| [GNUPG:] DECRYPTION_OKAY
| [GNUPG:] GOODMDC
| [GNUPG:] END_DECRYPTION
`----

Visiting this mail works with the cached passphrase. 

Maybe it has something to do with the order of this "ENC_TO/USERID_HINT"
stuff?

Or am I just plainly mistaken and everything works as intended, thus
caching is only supposed to work for mails I encrypted?
 
Bye

	 Mark

______________ 
¹  is it "encrypt to" or "encrypt for"?
-- 
Mark Trettin · Aachen · Germany · Where is Aachen? --> N: 50°46' E: 06°05'
BOFH excuse #67:

descramble code needed from software company
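
The two status traces in the message differ in which field carries the recipient's own key ID, so this added example (not part of the original message, and not PGG's code) parses them and reports which status fields give the same key ID in both. The function names and the abridged trace constants are assumptions made for the illustration.

```python
# Constructed sample input: the two traces from the message, abridged to the lines parsed here.
TRACE_FROM_OTHER = """\
[GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
[GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
[GNUPG:] NO_SECKEY 4138A8C151C7A0DB
[GNUPG:] GOODSIG 9D8F3593032E13AC <snipped>
"""
TRACE_FROM_SELF = """\
[GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
[GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
[GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] NO_SECKEY 4138A8C151C7A0DB
[GNUPG:] GOODSIG AE51CC4123467AF1 <snipped>
"""

def candidate_cache_keys(status_text):
    """Return the key IDs each status field would offer as a passphrase-cache key."""
    enc_to, no_seckey, signer, pending, unlocked = [], set(), None, None, None
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue                        # not a status line
        keyword, *args = fields[1:]
        if keyword == "ENC_TO":
            enc_to.append(args[0])
        elif keyword == "NO_SECKEY":
            no_seckey.add(args[0])
        elif keyword == "NEED_PASSPHRASE":
            pending = (args[0], args[1])    # both key IDs gpg names in the prompt
        elif keyword == "GOOD_PASSPHRASE":
            unlocked, pending = pending, None   # passphrase accepted for these IDs
        elif keyword == "BAD_PASSPHRASE":
            pending = None                  # never cache under a rejected prompt
        elif keyword == "GOODSIG":
            signer = args[0]
    return {
        "first_enc_to": enc_to[0] if enc_to else None,
        "last_enc_to": enc_to[-1] if enc_to else None,
        "signer": signer,
        "unlocked": unlocked,
        "usable_enc_to": [k for k in enc_to if k not in no_seckey],
    }

def stable_fields(*traces):
    """Names of the fields whose value is identical across all given traces."""
    results = [candidate_cache_keys(t) for t in traces]
    return sorted(f for f in results[0] if all(r[f] == results[0][f] for r in results))
```

Only the key IDs announced by NEED_PASSPHRASE and the ENC_TO entries not followed by NO_SECKEY are identical in both traces; the first ENC_TO, the last ENC_TO and the GOODSIG key ID all change with who sent the mail.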



