Hi Kevin,

On Thu,  2 Jul 2026 15:23, Kevin J. McCarthy said:

> Cc'ing you on this, just in case you are familiar with it.

Thanks.  I am subscribed but I don't read everything.  And yes, I should
be familar but I have not looked deeply at the code over the last two
decades.

> In the Mutt GPGME code, in get_candidates(), the APPLICATION_PGP
> section has code to check for revoked/expired/disabled flags:

> However, the APPLICATION_SMIME code in the same function is missing
> those checks.  My theory is that, at the time, the GPGME code didn't
> support those flags for S/MIME.  Do you happen to know if that was the

That is possible but the worst thing which could happen is that the
gpgme flags are not set.  Thus there should be no need to differentiate
between SMIME and PGP in the gpgme.  There are some exceptions of
course, like how to build a certificate chain but most things are
protocol independent.

I see no reason why we can't fold the two gpgme_op_keylist_start/next
loops into one.  I might have been too lazy back then.


Unrelated: I don't fully understand my comment from 2005:

      /* Its all a mess.  That old GPGME expects different things
         depending on the protocol.  For gpg we don' t need percent
         escaped pappert but simple strings passed in an array to the
         keylist_ext_start function. */

s/pappert/pattern/

gpgme has always done the needed percent escaping for smime.



Shalom-Salam,

   Werner



-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

Attachment: openpgp-digital-signature.asc
Description: PGP signature

Reply via email to