On Thu 2016-09-01 13:26:28 -0400, Antoine Beaupré wrote: > On Sat, Aug 30, 2014 at 11:57:43PM -0400, Antoine Beaupré wrote: >> Okay, I understand what's going on - the problem is that the signing key >> (just the public part, but still) is first exported to the temporary >> keyring, so what probably happens is that the public key material is >> simply missing. >> >> We totally ignore --default-key and instead just use the first working >> secret key right now, this happens in MonkeyscanUi.copy_secrets() >> (ui.py:251). >> >> I am not sure i want to start parsing gpg.conf, but maybe that's >> something we should be doing now :/ > > I'm curious to hear what people think of this - should we parse > gpg.conf for such configuration to figure out which key to extract?
I recently learned about "gpg --with-colons --list-config", but it doesn't include default-key. It shouldn't be hard to add that to GnuPG upstream, though, and it'd be lots better than trying to parse the config files ourselves. I've just opened: https://bugs.gnupg.org/gnupg/issue2666 > Or should we copy all secret key material to the temporary keyring and > let gpg deal with it its own way? yuck, i really don't like copying secret key material if we can avoid it. --dkg
signature.asc
Description: PGP signature
