Page MenuHome GnuPG
Create Task
Maniphest T3782

`gpg --sign-key` has prompt implies attempting to sign revoked User IDs even though it won't.
Open, NormalPublic
Actions

Description

if i do gpg --sign-key example, i get a confusing prompt that claims i'm being asked to sign revoked User IDs. Furthermore, even if i say "yes" to it, it does *not* sign the revoked User IDs.

[ unknown] (1). Example User <test1@example.net>
[ revoked] (2)  Example User <test2@example.biz>

Really sign all text user IDs? (y/N) y
User ID "Example User <test2@example.biz>" is revoked.  Unable to sign.

This is a confusing user experience.

Details

Version
2.2.4

Event Timeline

dkg created this task.Feb 6 2018, 7:59 PM
paride added a subscriber: paride.Feb 7 2018, 10:24 AM
paride added a comment.Feb 7 2018, 10:54 AM

I also think that when calling sign from the --edit-key interactive menu the experience should be a bit different. Instead of listing all the UIDs (even the revoked one) and then warning about the impossibility to sign some of them, it would be better to re-list only the UIDs that are going to be signed. In case --only-sign-text-ids is specified, the non-text UIDs should be stripped from this list too.

werner triaged this task as Normal priority.Apr 17 2018, 8:25 PM
werner edited projects, added Feature Request; removed Bug Report.