
when dealing with --try-all-secrets, try non-expired keys first
Open, Low, Public

Description

I have an OpenPGP key with an expired encryption-capable subkey, and a newer,
non-expired encryption-capable subkey.

If I get an encrypted message with an anonymous (all-zero) keyid subpacket in
the PSKESK, gpg 2.1.8 goes into try-all-secrets mode.

It first prompts me for a passphrase for my expired subkey, then for my
non-expired subkey.

It should default to trying the non-expired subkey first.

Details

Version
2.1.8

Event Timeline

dkg set Version to 2.1.8.
dkg added a subscriber: dkg.

Yeah, I know it is actually an old feature request to first sort the candidate
keys and then try them in order.

werner lowered the priority of this task from Normal to Low. Sep 17 2015, 3:45 PM