
Photo IDs gets signed even when --only-sign-text-ids is specified
Closed, Invalid
Public

Description

gpg's manpage says:

If the option --only-sign-text-ids is specified, then any non-text based user ids (e.g., photo IDs) will not be selected for signing.

Well, let's try it on a brand new key I generated on purpose:

~ $ gpg --edit-key pippo@pippo.com
gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa3072/BE99372685E5B738
     created: 2018-02-07  expires: 2020-02-07  usage: SC
     trust: ultimate      validity: ultimate
ssb  rsa3072/802DF18BADE59998
     created: 2018-02-07  expires: 2020-02-07  usage: E
[ultimate] (1). pippo <pippo@pippo.com>
[ultimate] (2)  [jpeg image of size 62522]

gpg> sign --only-sign-text-ids
Really sign all text user IDs? (y/N) y

sec  rsa3072/BE99372685E5B738
     created: 2018-02-07  expires: 2020-02-07  usage: SC
     trust: ultimate      validity: ultimate
 Primary key fingerprint: FA4E D8C3 A04F F411 4D2F  4879 BE99 3726 85E5 B738

     pippo <pippo@pippo.com>
     [jpeg image of size 62522]

This key is due to expire on 2020-02-07.
Are you sure that you want to sign this key with your
key "Paride Legovini <pl@ninthfloor.org>" (5A09B4576DE8080E)

Really sign? (y/N) y

gpg> q
Save changes? (y/N) y

Note how, after the sign command, I'm asked whether I want to sign all the text user IDs (an effect of the --only-sign-text-ids option), but [jpeg image of size 62522] still appears as a UID to be signed. And it is indeed signed, as we can see by checking the actual signatures:

~ $ gpg --check-sigs pippo@pippo.com
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   3  signed:   4  trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: depth: 1  valid:   4  signed:   0  trust: 1-, 0q, 0n, 1m, 2f, 0u
gpg: next trustdb check due at 2019-10-14
pub   rsa3072 2018-02-07 [SC] [expires: 2020-02-07]
      FA4ED8C3A04FF4114D2F4879BE99372685E5B738
uid           [ultimate] pippo <pippo@pippo.com>
sig!3        BE99372685E5B738 2018-02-07  pippo <pippo@pippo.com>
sig!         5A09B4576DE8080E 2018-02-07  Paride Legovini <pl@ninthfloor.org>
uid           [ultimate] [jpeg image of size 62522]
sig!3        BE99372685E5B738 2018-02-07  pippo <pippo@pippo.com>
sig!         5A09B4576DE8080E 2018-02-07  Paride Legovini <pl@ninthfloor.org>
sub   rsa3072 2018-02-07 [E] [expires: 2020-02-07]
sig!         BE99372685E5B738 2018-02-07  pippo <pippo@pippo.com>

gpg: 5 good signatures

I think this issue is quite relevant, as it can lead to unwanted signatures, especially after keysigning events.

Edit: I also noticed that gpg --edit-key --only-sign-text-ids has no effect; the sign command asks to sign all the UIDs:

~ $ gpg --edit-key --only-sign-text-ids pippo@pippo.com
[...]
gpg> sign
Really sign all user IDs? (y/N)

Details

Version
2.2.4 (up-to-date Debian sid)

Event Timeline

paride renamed this task from Photo IDs gets signed even with --only-sign-text-ids is specified to Photo IDs gets signed even when --only-sign-text-ids is specified. Feb 7 2018, 2:24 PM
paride changed Version from 2.2.4 (Debian) to 2.2.4 (up-to-date Debian sid).
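The report above checks by eye, in the human-readable --check-sigs listing, whether the photo ID ended up certified. The following is an added example (not code from the reporter or from GnuPG) that does the same check programmatically: it parses the machine-readable output of gpg --with-colons --check-sigs, separates text user IDs (uid records) from attribute user IDs such as photos (uat records), and reports which of them carry a good certification from a given signer key. It assumes the colon-record field layout documented in GnuPG's doc/DETAILS (record type in field 1, signature validity in field 2, key ID in field 5, user ID in field 10, signature class in field 11); the embedded sample listing is constructed for illustration, modelled on the key in the report, and its field contents are assumptions rather than captured output.

```python
"""Report which user IDs of a key carry a certification from a given signer.

Parses `gpg --with-colons --check-sigs <key>` output and distinguishes text
user IDs (`uid` records) from attribute user IDs such as photos (`uat`
records).  Useful after a keysigning event to confirm that a photo ID was
not certified when only text IDs were meant to be signed.
"""
import subprocess
import sys

# Constructed sample, modelled on the --check-sigs listing in the report
# (one text UID and one photo UID, both certified by 5A09B4576DE8080E, plus a
# bad signature from an unrelated key on the text UID).  Field contents are
# assumptions for illustration, not captured output.
SAMPLE_COLONS = """\
tru::1:1517990000:1571011200:3:1:5
pub:u:3072:1:BE99372685E5B738:1517961600:1580947200::u:::scSC::::::23::0:
fpr:::::::::FA4ED8C3A04FF4114D2F4879BE99372685E5B738:
uid:u::::1517961600::0123456789ABCDEF0123456789ABCDEF01234567::pippo <pippo@pippo.com>::::::::::0:
sig:!::1:BE99372685E5B738:1517961600::::pippo <pippo@pippo.com>:13x::::::8:
sig:!::1:5A09B4576DE8080E:1517961600::::Paride Legovini <pl@ninthfloor.org>:10x::::::8:
sig:-::1:1111111111111111:1517961600::::Someone Else <else@example.invalid>:10x::::::8:
uat:u::::1517961600::FEDCBA9876543210FEDCBA9876543210FEDCBA98::1 62522::::::::::0:
sig:!::1:BE99372685E5B738:1517961600::::pippo <pippo@pippo.com>:13x::::::8:
sig:!::1:5A09B4576DE8080E:1517961600::::Paride Legovini <pl@ninthfloor.org>:10x::::::8:
sub:u:3072:1:802DF18BADE59998:1517961600:1580947200:::::e::::::23:
sig:!::1:BE99372685E5B738:1517961600::::pippo <pippo@pippo.com>:18x::::::8:
"""


def parse_check_sigs(colons_output):
    """Return one entry per user ID: {'kind': 'uid'|'uat', 'name': str, 'sigs': [...]}.

    Signatures that follow a pub/sub record (direct key signatures, subkey
    bindings) are not certifications of a user ID and are skipped.
    """
    entries = []
    current = None
    for line in colons_output.splitlines():
        f = line.split(":")
        rtype = f[0]
        if rtype in ("uid", "uat"):
            current = {"kind": rtype, "name": f[9] if len(f) > 9 else "", "sigs": []}
            entries.append(current)
        elif rtype in ("pub", "sec", "sub", "ssb"):
            current = None
        elif rtype in ("sig", "rev") and current is not None:
            current["sigs"].append({
                "status": f[1],                 # '!' good, '-' bad, '%' error, '?' unknown key
                "keyid": f[4].upper(),          # long key ID of the signing key
                "signer": f[9] if len(f) > 9 else "",
                "class": f[10] if len(f) > 10 else "",
                "revocation": rtype == "rev",
            })
    return entries


def certified_uids(entries, signer_keyid, good_only=True):
    """Names of text ('uid') and attribute ('uat') IDs certified by signer_keyid.

    A short (8 hex digit) key ID is accepted via suffix match; revocation
    records are never counted as certifications.
    """
    wanted = signer_keyid.upper()
    result = {"uid": [], "uat": []}
    for entry in entries:
        for sig in entry["sigs"]:
            if sig["revocation"] or not sig["keyid"].endswith(wanted):
                continue
            if good_only and sig["status"] != "!":
                continue
            result[entry["kind"]].append(entry["name"])
            break
    return result


def photo_ids_certified_by(colons_output, signer_keyid):
    """Attribute (photo) IDs carrying a good certification from signer_keyid."""
    return certified_uids(parse_check_sigs(colons_output), signer_keyid)["uat"]


def main(argv):
    # usage: script.py <signer-keyid> [<key-to-inspect>]
    # Without a key argument the constructed sample listing is used.
    signer = argv[1] if len(argv) > 1 else "5A09B4576DE8080E"
    if len(argv) > 2:
        proc = subprocess.run(["gpg", "--with-colons", "--check-sigs", argv[2]],
                              capture_output=True, text=True, check=True)
        listing = proc.stdout
    else:
        listing = SAMPLE_COLONS
    certified = certified_uids(parse_check_sigs(listing), signer)
    print("text IDs certified by %s: %s" % (signer, certified["uid"]))
    print("photo IDs certified by %s: %s" % (signer, certified["uat"]))
    return 1 if certified["uat"] else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run against the sample it reports the photo ID ("1 62522") as certified and exits non-zero; pointed at a real key it runs gpg itself, so it can be used as a quick post-keysigning check before exporting or uploading signed keys. Note that the validity field is only populated with --check-sigs, not with --list-sigs, which is why the script asks for --check-sigs.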