[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#26587: 26.0.50; Gnus signs with false S/MIME key
From: |
Torsten Bronger |
Subject: |
bug#26587: 26.0.50; Gnus signs with false S/MIME key |
Date: |
Thu, 10 Oct 2019 08:55:32 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Hallöchen!
Lars Ingebrigtsen writes:
> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
>
>> I would like the second key to be used. But Gnus signs the email
>> with the first certificate.
>
> If I understand the code correctly, `epg-start-sign' is run here,
> and gpgsm is started with the parameters looking like
>
> "--detach-sign" "-u" "4A44812B553ACE6D" "-u" "4A44812B553ACEetc"
>
> with as many "-u"s as there are in your gpgsm store that matches
> whatever you've set up in that list that lists all your identities
> you want to use.
>
> Could you edebug that function to see if that's really what
> happens? Because if it is, we're leaving the decision to gpgsm
> itself which user ID to use, and that seems very sub-optimal.
I don’t know how to edebug, so before learning this, I wrote a
wrapper for gpgsm, logging the parameters. When sending the
message, gpgsm is called once, with the parameters
gpgsm --no-tty --status-fd 1 --yes --output /tmp/epg-outputmEnG08 --detach-sign
In particular, I don’t see "-u"s here.
Regards,
Torsten.
--
Torsten Bronger
smime.p7s
Description: S/MIME cryptographic signature