From: Mark Trettin <mtr-dev0@gmx.de>
Subject: Re: pgg doesn't mention that the signature is untrusted
Date: Thu, 17 Oct 2002 12:57:05 +0200
Message-ID: <m3n0pd1gfy.fsf@beldin.mt743742.dialup.rwth-aachen.de>
In-Reply-To: <iluy99538yi.fsf@latte.josefsson.org> (Simon Josefsson's message of "Fri, 11 Oct 2002 06:17:41 +0200")
* On: Fri, 11 Oct 2002 06:17:41 +0200 Simon Josefsson writes:
[ sorry for the late response ]
> Josh Huber <huber@alum.wpi.edu> writes:
>> Simon Josefsson <jas@extundo.com> writes:
>>
>>> Not here, it seems to be a bug; PGG stores the passphrase on the key
>>> ID actually used by GnuPG to sign something, but it later looks up
>>> the passphrase using the first private key ID from
>>> --list-secret-keys. This didn't work for me as I have many secret
>>> keys. Hm. Shouldn't be difficult to fix, I think.
>>
>> Perhaps it works for me because of this configuration?
>>
>> (setq jmh::primary-key "6B21489A")
>> (setq pgg-passphrase-cache-expiry 300)
>> (setq pgg-default-user-id jmh::primary-key)
> Yes, I leave the `pgg-default-user-id' to its default value "jas",
> which matches several keys and PGG picks the first one which turns out
> to be an expired key I don't use anymore. PGG should handle this
> without additional configuration IMHO. I added it to my TODO list..
I figured out when caching works (for me) and when it doesn't.
It works for all mails *I* encrypted to¹ myself and another recipient.
But it does not work for mails that were encrypted by others *to* me
and themselves. Then PGG always asks me for the passphrase of the
sender's key-id. Tested with gpg v1.0.6 and v1.2.0.
,----
| [GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
| [GNUPG:] USERID_HINT 1DED9050DB90BB4A Mark Trettin <snipped>
| [GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
| [GNUPG:] GOOD_PASSPHRASE
| [GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
| [GNUPG:] NO_SECKEY 4138A8C151C7A0DB
| [GNUPG:] BEGIN_DECRYPTION
| [GNUPG:] SIG_ID TKhfrEdHg1EpB1U9HyVpUWL/G/0 2002-10-14 1034624614
| [GNUPG:] GOODSIG 9D8F3593032E13AC Yvonne Hoffmüller <snipped>
| [GNUPG:] VALIDSIG D2F106C3873507C8F06446069D8F3593032E13AC 2002-10-14 1034624614 0
| [GNUPG:] TRUST_FULLY
| [GNUPG:] DECRYPTION_OKAY
| [GNUPG:] GOODMDC
| [GNUPG:] END_DECRYPTION
`----
Every time I visit the above mail I need to re-enter my passphrase.
,----
| [GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
| [GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
| [GNUPG:] USERID_HINT 1DED9050DB90BB4A Mark Trettin <snipped>
| [GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
| [GNUPG:] GOOD_PASSPHRASE
| [GNUPG:] NO_SECKEY 4138A8C151C7A0DB
| [GNUPG:] BEGIN_DECRYPTION
| [GNUPG:] SIG_ID g3fcQ49lvXr5KM8ecQ82mt2YyyI 2002-10-14 1034630253
| [GNUPG:] GOODSIG AE51CC4123467AF1 Mark Trettin <snipped>
| [GNUPG:] VALIDSIG EB0DE52C22DB340030AF11D9AE51CC4123467AF1 2002-10-14 1034630253 0
| [GNUPG:] TRUST_ULTIMATE
| [GNUPG:] DECRYPTION_OKAY
| [GNUPG:] GOODMDC
| [GNUPG:] END_DECRYPTION
`----
Visiting this mail works with the cached passphrase.
Maybe it has something to do with the order of this "ENC_TO/USERID_HINT"
stuff?
Or am I just plainly mistaken and everything works as intended, thus
caching is only supposed to work for mails I encrypted?
Bye
Mark
______________
¹ is it "encrypt to" or "encrypt for"?
--
Mark Trettin · Aachen · Germany · Where is Aachen? --> N: 50°46' E: 06°05'
BOFH excuse #67:
descramble code needed from software company
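
Added example (not part of the original message and not PGG's code): a small parser run over the pre-decryption status lines of the two traces above, showing that the NEED_PASSPHRASE key ID and the one usable recipient are identical in both and only the ENC_TO order differs. The function names and the idea of indexing a cache by these fields are assumptions made for illustration.

```python
# Added illustration, not PGG code. Status lines are copied from the two traces
# in the message (the part before BEGIN_DECRYPTION).
TRACE_FROM_OTHER = """\
[GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
[GNUPG:] USERID_HINT 1DED9050DB90BB4A Mark Trettin <snipped>
[GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
[GNUPG:] NO_SECKEY 4138A8C151C7A0DB
"""
TRACE_FROM_SELF = """\
[GNUPG:] ENC_TO 4138A8C151C7A0DB 16 0
[GNUPG:] ENC_TO 1DED9050DB90BB4A 16 0
[GNUPG:] USERID_HINT 1DED9050DB90BB4A Mark Trettin <snipped>
[GNUPG:] NEED_PASSPHRASE 1DED9050DB90BB4A AE51CC4123467AF1 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] NO_SECKEY 4138A8C151C7A0DB
"""
PREFIX = "[GNUPG:] "

def parse_status(text):
    """Return (keyword, args) for every status line, in order."""
    events = []
    for line in text.splitlines():
        if line.startswith(PREFIX):
            fields = line[len(PREFIX):].split()
            if fields:
                events.append((fields[0], fields[1:]))
    return events

def summarize(text):
    """Collect the key IDs a passphrase cache could be indexed by."""
    events = parse_status(text)
    enc_to = [a[0] for k, a in events if k == "ENC_TO" and a]
    no_seckey = {a[0] for k, a in events if k == "NO_SECKEY" and a}
    need = [a for k, a in events if k == "NEED_PASSPHRASE" and len(a) >= 2]
    return {
        "first_enc_to": enc_to[0] if enc_to else None,
        # recipients for which gpg did not report NO_SECKEY
        "usable_enc_to": [k for k in enc_to if k not in no_seckey],
        # first field: same ID as the ENC_TO line; second: the GOODSIG ID
        "passphrase_keyid": need[0][0] if need else None,
        "passphrase_second_id": need[0][1] if need else None,
        "passphrase_accepted": any(k == "GOOD_PASSPHRASE" for k, _ in events),
    }

if __name__ == "__main__":
    for name, trace in (("from other", TRACE_FROM_OTHER), ("from self", TRACE_FROM_SELF)):
        print(name, summarize(trace))
```

A lookup indexed by either NEED_PASSPHRASE field gives the same result for both mails, while one indexed by the first ENC_TO line does not.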