[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#26587: 26.0.50; Gnus signs with false S/MIME key
From: |
Torsten Bronger |
Subject: |
bug#26587: 26.0.50; Gnus signs with false S/MIME key |
Date: |
Wed, 9 Oct 2019 10:58:24 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Hallöchen!
Lars Ingebrigtsen writes:
> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
>
>> If I have keys for different email addresses in my gpgsm keyring, Gnus
>> signs an outgoing email using S/MIME with the first one listed by "gpgsm
>> --list-secret-keys" instead of the one actually associated with the
>> "From:" mail address.
>
> I'm unable to reproduce this bug.
>
> Could you describe, step by step, how you are composing the message to
> be signed?
When writing the message, I call (mml-secure-message-sign-smime).
The "From:" field contains "Torsten Bronger
<bronger@physik.rwth-aachen.de>". My secret keys are:
bronger@brad:~/kfa/Zertifikate/juliabase$ gpgsm --list-secret-keys
/home/bronger/.gnupg/pubring.kbx
--------------------------------
ID: 0x416092ED
S/N: 1CDCFCFE038E7AD34DF1C3FC
Issuer: /CN=DFN-Verein Global Issuing CA/OU=DFN-PKI/O=Verein zur
Foerderung eines Deutschen Forschungsnetzes e. V./C=DE
Subject: /CN=Torsten Bronger/O=Forschungszentrum Juelich GmbH/C=DE
aka: t.bronger@fz-juelich.de
[...]
ID: 0x4A86AFDB
S/N: 213C2509C6CA74A7ED7133B8
Issuer: /CN=DFN-Verein Global Issuing CA/OU=DFN-PKI/O=Verein zur
Foerderung eines Deutschen Forschungsnetzes e. V./C=DE
Subject: /CN=Torsten Bronger/OU=Fachgruppe Physik/O=RWTH Aachen/C=DE
aka: bronger@physik.rwth-aachen.de
validity: 2019-07-03 13:02:55 through 2022-07-02 13:02:55
key type: 2048 bit RSA
key usage: digitalSignature nonRepudiation keyEncipherment
ext key usage: clientAuth (suggested), emailProtection (suggested)
policies:
1.3.6.1.4.1.22177.300.1.1.4:N:,1.3.6.1.4.1.22177.300.1.1.4.4:N:,1.3.6.1.4.1.22177.300.2.1.4.4:N:
fingerprint: CD:BF:CA:E9:F3:83:B9:DC:00:E4:A2:B1:8F:D8:E0:78:4A:86:AF:DB
I would like the second key to be used. But Gnus signs the email
with the first certificate.
Regards,
Torsten.
--
Torsten Bronger
- bug#26587: 26.0.50; Gnus signs with false S/MIME key,
Torsten Bronger <=