On Mon, Jan 22, 2018 at 11:36 AM, Zechariah Seth <cousinwednes...@mail.com> wrote: > Simon Kissane wrote: >> (This is just a test key generated for testing purposes, so it is fine >> to share it publicly.) > > Interesting "User ID" on that key: > "root:testGpg:key_54503F79_3794_456C_8725_8977A68B71C1" > > I hope no one is foolish enough to import your key and run your script. Hi Zechariah, thank you for taking the time to have a look at this for me. It sounds like you are concerned that running my script may import some strange key into your GPG home. If you read the script, you will see that it creates two new GPG homes under a temporary directory, so no odd keys are going to be imported into your day-to-day GPG config.
I realise the User ID is weird. To explain, in the use case I am working on we are only using GPG for file encryption/decryption using keys pre-agreed out of band. As such, we aren't actually using any of the PGP "web-of-trust" functionality, and the actual User IDs are rather irrelevant. Maybe we should just use S/MIME or CMS instead (and I'm looking into that option), but since we are already using GPG for this I was looking at how to possibly integrate our existing usage of GPG with an external key management system. That said, I have changed my key generation code to generate more normal looking User IDs, as you can see with this key: https://gist.github.com/skissane/a64756f32e62fbc5b51ee1f4eef22575 which has User ID: Test Key 123 <root.testgpg.key_e9d999db_2e83_4061_8e9a_6f5b60806...@example.com> And, if you run the new key against my script, you get the same error, showing that problem (whatever it is) isn't the User ID. (My reading of RFC4880 section 5.11 is that having an email in the User ID is just a convention not mandatory, so software should be robust in the face of User IDs breaking that convention.) Thank you Simon On Mon, Jan 22, 2018 at 11:36 AM, Zechariah Seth <cousinwednes...@mail.com> wrote: > Simon Kissane wrote: >> (This is just a test key generated for testing purposes, so it is fine >> to share it publicly.) > > Interesting "User ID" on that key: > "root:testGpg:key_54503F79_3794_456C_8725_8977A68B71C1" > > I hope no one is foolish enough to import your key and run your script. > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
