On 2016-09-01 21:59:23, Daniel Kahn Gillmor wrote:
> [ Unknown signature status ]
> On Thu 2016-09-01 16:11:03 -0400, Antoine Beaupré wrote:
>> we do copy the first secret key right now. it felt better than operating
>> directly on the main keyring.
>
> Using a separate public keyring is totally re
On Thu 2016-09-01 16:11:03 -0400, Antoine Beaupré wrote:
> we do copy the first secret key right now. it felt better than operating
> directly on the main keyring.
Using a separate public keyring is totally reasonable for pubring
isolation, but copying the secret keyring is probably not a good ide
Control: tags -1 +pending +patch -help
On 2016-09-01 17:34:23, Antoine Beaupré wrote:
> in this case, the fix would be to copy *all* public parts of *all* the
> secret keys we have, regardless of whether it's the chosen one.
I did just that in the following patch, testing and feedback welcome of
On 2016-09-01 16:11:03, Antoine Beaupré wrote:
> On 2016-09-01 15:28:10, Daniel Kahn Gillmor wrote:
>>> Or should we copy all secret key material to the temporary keyring and
>>> let gpg deal with it its own way?
>>
>> yuck, i really don't like copying secret key material if we can avoid
>> it.
>
>
On Thu 2016-09-01 15:28:10 -0400, Daniel Kahn Gillmor wrote:
> On Thu 2016-09-01 13:26:28 -0400, Antoine Beaupré wrote:
>> I'm curious to hear what people think of this - should we parse
>> gpg.conf for such configuration to figure out which key to extract?
>
> I recently learned about "gpg --with-
On 2016-09-01 15:28:10, Daniel Kahn Gillmor wrote:
>> Or should we copy all secret key material to the temporary keyring and
>> let gpg deal with it its own way?
>
> yuck, i really don't like copying secret key material if we can avoid
> it.
we do copy the first secret key right now. it felt bette
On Thu 2016-09-01 13:26:28 -0400, Antoine Beaupré wrote:
> On Sat, Aug 30, 2014 at 11:57:43PM -0400, Antoine Beaupré wrote:
>> Okay, I understand what's going on - the problem is that the signing key
>> (just the public part, but still) is first exported to the temporary
>> keyring, so what probabl
On Sat, Aug 30, 2014 at 11:57:43PM -0400, Antoine Beaupré wrote:
> Okay, I understand what's going on - the problem is that the signing key
> (just the public part, but still) is first exported to the temporary
> keyring, so what probably happens is that the public key material is
> simply missing.
Okay, I understand what's going on - the problem is that the signing key
(just the public part, but still) is first exported to the temporary
keyring, so what probably happens is that the public key material is
simply missing.
We totally ignore --default-key and instead just use the first working
Control: found -1 1.1
> monkeysign is using by default the most recent private key on your keyring for
> the signature. It will be nice if instead it uses the one configured on the
> gnupg config file (~/.gnupg/gpg.conf) as 'default-key'.
I can confirm this, with:
$ grep -E '^default-key\s+' ~
Control: tags -1 unreproducible
Actually, monkeysign copies the gpg.conf over to the temporary keyring,
so this should work.
Can you provide the output of monkeysign --debug to help me reproduce
the problem?
A.
On 2013-09-02 04:42:01, Ruben Pollan wrote:
> Dear Maintainer,
>
> monkeysign is usi
Package: monkeysign
Version: 1.0
Severity: wishlist
Tags: upstream
Dear Maintainer,
monkeysign is using by default the most recent private key on your keyring for
the signature. It will be nice if instead it uses the one configured on the
gnupg config file (~/.gnupg/gpg.conf) as 'default-key'.
T
12 matches
Mail list logo
