From 1e26301ec4cd2afc45c968c3fe3d77bf296b03fb Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Sep 2008 15:27:59 -0400 Subject: [PATCH] added bug monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid --- ...y-treats-revoked-auth-subkey-as-valid.mdwn | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn diff --git a/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn b/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn new file mode 100644 index 0000000..8181437 --- /dev/null +++ b/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn @@ -0,0 +1,21 @@ +If you have a revoked authentication subkey in your keyring, +monkeysphere gen-subkey thinks that I have an authentication subkey +already, which I do, but it probably shouldn't care about it, since it +is revoked: + + 21:30@pond> monkeysphere gen-subkey F67E2A5D1CF2D62A + An authentication subkey already exists for key 'F67E2A5D1CF2D62A'. + Are you sure you would like to generate another one? (y/N) + +However: this key was revoked on 2008-04-28 by DSA key 1CF2D62A Micah Anderson + sub 1024R/866F47D3 created: 2008-02-25 revoked: 2008-04-28 usage: A + +I can continue to create a new authorization subkey, so its not a +blocker or anything (I suppose I could also delete the revoked key +from my keyring as well, although thats less than ideal). + +It seems like the secret keyring doesn't mention that it has been +revoked, so probably monkeysphere needs to be looking at gpg's +computed validity from the public keyring instead of the secret +keyring to be able to get the "r" flag from field 2, in addition to +the "e" flag from field 12. -- 2.26.2