From 2f9fe93b98ed32b662212899db6ba2174c1138d3 Mon Sep 17 00:00:00 2001 From: Matthew James Goins Date: Sat, 20 Mar 2010 15:07:30 -0400 Subject: Removed docs and website. They will now reside (for my repo) at git://lair.fifthhorseman.net/~mjgoins/monkeysphere.info/ --- ...subkey-treats-revoked-auth-subkey-as-valid.mdwn | 37 ---------------------- 1 file changed, 37 deletions(-) delete mode 100644 website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn (limited to 'website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn') diff --git a/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn b/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn deleted file mode 100644 index 3c7e804..0000000 --- a/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn +++ /dev/null @@ -1,37 +0,0 @@ -If you have a revoked authentication subkey in your keyring, -monkeysphere gen-subkey thinks that I have an authentication subkey -already, which I do, but it probably shouldn't care about it, since it -is revoked: - - 21:30@pond> monkeysphere gen-subkey F67E2A5D1CF2D62A - An authentication subkey already exists for key 'F67E2A5D1CF2D62A'. - Are you sure you would like to generate another one? (y/N) - -However: this key was revoked on 2008-04-28 by DSA key 1CF2D62A Micah Anderson - sub 1024R/866F47D3 created: 2008-02-25 revoked: 2008-04-28 usage: A - -I can continue to create a new authorization subkey, so its not a -blocker or anything (I suppose I could also delete the revoked key -from my keyring as well, although thats less than ideal). - -It seems like the secret keyring doesn't mention that it has been -revoked, so probably monkeysphere needs to be looking at gpg's -computed validity from the public keyring instead of the secret -keyring to be able to get the "r" flag from field 2, in addition to -the "e" flag from field 12. - ---- - -So the problem is that there is no field 2 for secret keys. From -/usr/share/doc/gnupg/DETAILS.gz: - - 2. Field: A letter describing the calculated trust. This is a single - letter, but be prepared that additional information may follow - in some future versions. (not used for secret keys) - -Why would secret keys not have this field? They have validity too, -right? This doesn't make any sense. I verify that indeed there is no -output in field 2 for secret keys. I would say this is a bug in gpg, -but it's clearly done on purpose. Any ideas? - --- jrollins -- cgit v1.2.3