dkg (Daniel Kahn Gillmor)
User

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Monday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:49 PM (171 w, 4 d)
Availability
Available

Recent Activity

Thu, Jul 2

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

I don't think this fix has made it into a release yet. Could we get a released version of gpgme that contains this fix?

Thu, Jul 2, 6:59 AM · gpgme, Bug Report

Wed, Jul 1

dkg added a comment to T4982: [PATCH] qt libraries should be linked with -fPIC instead of -fpic.

on #debian-dpkg on IRC, Guillem Jover suggested that we might want to fix dpkg specfiles to use +self_spec: instead of *self_spec:.

Wed, Jul 1, 6:44 PM · gpgme, Info Needed, Bug Report
dkg added a project to T4982: [PATCH] qt libraries should be linked with -fPIC instead of -fpic: gpgme.

I'm still not understanding what specifically should be fixed here. Sorry to be dense about it, but the range of options and configuration details that are different are pretty puzzling.

Wed, Jul 1, 3:55 AM · gpgme, Info Needed, Bug Report

Tue, Jun 30

dkg added a comment to T4618: DANE OpenPGP certificate retrieval does not verify DNSSEC signatures.

The same concern has been reported at https://bugs.debian.org/964033 -- if dirmngr is not going to follow the specification, it should at least document (and maybe warn?) about how it is divergent.

Tue, Jun 30, 9:30 PM · dns, dirmngr

Thu, Jun 25

dkg added a comment to T4977: dirmngr not working with linux kernel parameter ipv6.disable=1.

Can you characterize the failure when ipv6.disable=1 ? The straightforward failure (connect() fails with EHOSTUNREACH after a few seconds) should presumably be treated the same as if some other host happened to be offline. That should result in dirmngr failing over to the next available address for the configured keyserver, right?

Thu, Jun 25, 7:28 PM · gnupg (gpg22), dirmngr, Bug Report
dkg added a comment to T4826: Expiration dates after 2107 are reported as wraparound expiration dates.

I agree with you that a certificate with a lengthy expiration is not cryptographically sensible or wise, @bernhard -- i'd never want to produce such a certificate myself.

Thu, Jun 25, 6:11 PM · gnupg (gpg22), Bug Report

Jun 11 2020

dkg reopened T4892: gpgsm --gen-key with existing key from "ssh-add" fails as "Open".

This appears to still be a problem, despite upgrading to libksba 1.4.0:

Jun 11 2020, 1:29 AM · Bug Report, S/MIME

May 29 2020

dkg updated the task description for T4961: ship gpgrt.pc.
May 29 2020, 7:01 PM · gpgrt
dkg created T4961: ship gpgrt.pc.
May 29 2020, 7:01 PM · gpgrt

May 20 2020

dkg added a comment to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.

If there's no objection to this in a few days, i'll go ahead and merge it to master.

May 20 2020, 10:00 PM · gpgrt, Feature Request

May 19 2020

dkg committed rE0db8c768843d: syscfg: add 64-bit big-endian MIPS architecture (authored by dkg).
syscfg: add 64-bit big-endian MIPS architecture
May 19 2020, 11:35 PM
dkg added a commit to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS: rE0db8c768843d: syscfg: add 64-bit big-endian MIPS architecture.
May 19 2020, 11:35 PM · gpgrt, Feature Request
dkg added a comment to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.

branch dkg/fix-4952 contains this fix in an easily applicable form as 0db8c768843db3e85935b972f1ed9d1b98159c46

May 19 2020, 8:49 PM · gpgrt, Feature Request
dkg created T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.
May 19 2020, 7:41 PM · gpgrt, Feature Request

Mar 31 2020

dkg committed rC6a5743469a43: libgcrypt.m4: Fix spelling (authored by dkg).
libgcrypt.m4: Fix spelling
Mar 31 2020, 7:43 PM
dkg committed rCe16e7e619183: libgcrypt.m4: Fix spelling (authored by dkg).
libgcrypt.m4: Fix spelling
Mar 31 2020, 7:43 PM

Mar 30 2020

dkg closed T4892: gpgsm --gen-key with existing key from "ssh-add" fails as Resolved.
Mar 30 2020, 9:59 PM · Bug Report, S/MIME
dkg reopened T4892: gpgsm --gen-key with existing key from "ssh-add" fails as "Open".
Mar 30 2020, 9:59 PM · Bug Report, S/MIME
dkg added a comment to T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib.

thanks!

Mar 30 2020, 8:32 PM · wkd, gnupg (gpg22), Bug Report
dkg created T4895: segfaults in certreqen.c from logging NULL return from get_parameter.
Mar 30 2020, 12:37 AM · gnupg (gpg22), S/MIME, Bug Report

Mar 29 2020

dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

Thanks for following up!

Mar 29 2020, 6:46 PM · gnupg (gpg23), Feature Request
dkg updated subscribers of T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

To be clear: marking this ticket wontfix means (among other things) that it is the GnuPG project's upstream position that:

Mar 29 2020, 5:38 PM · gnupg (gpg23), Feature Request

Mar 26 2020

dkg added a comment to T4892: gpgsm --gen-key with existing key from "ssh-add" fails.

OK, i've asked on gnupg-devel.

Mar 26 2020, 3:24 PM · Bug Report, S/MIME
dkg created T4893: "Note: signatures using the MD5 algorithm are rejected" is emitted despite --quiet.
Mar 26 2020, 3:22 PM · gnupg (gpg22), Bug Report
dkg created T4892: gpgsm --gen-key with existing key from "ssh-add" fails.
Mar 26 2020, 2:05 AM · Bug Report, S/MIME

Mar 23 2020

dkg created T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib.
Mar 23 2020, 4:13 PM · wkd, gnupg (gpg22), Bug Report

Mar 20 2020

dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

That option does the same as --disable-dirmngr which in trun has the same effect as disable-crl-checks

Mar 20 2020, 4:49 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

@werner wrote:

Mar 20 2020, 4:45 PM · Not A Bug, S/MIME, gpgme

Mar 19 2020

dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I see no difference between the last two example stanzas that show you running ../run-verify. Are they supposed to have different output?

Mar 19 2020, 10:58 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

I'm aware of the metadata leakage risks of OCSP, and i share your concerns about them.

Mar 19 2020, 10:14 PM · Not A Bug, gnupg (gpg22), S/MIME
dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

If CRLs or OCSP are a MUST in a given profile, and the cert chain has OCSP but no CRL, it seems like that profile should then try OCSP, rather than failing.

Mar 19 2020, 6:53 PM · Not A Bug, gnupg (gpg22), S/MIME
dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I think what you're saying that there is *no way* to use GPGME in offline mode to validate x.509 certificates, and this is by design. Am I understanding that right?

Mar 19 2020, 5:25 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4882: gpgconf --homedir is ignored when setting options.

Thanks for the quick fix, @werner!

Mar 19 2020, 5:18 PM · gnupg (gpg22), Bug Report
dkg created T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.
Mar 19 2020, 2:25 AM · Not A Bug, S/MIME, gpgme
dkg created T4882: gpgconf --homedir is ignored when setting options.
Mar 19 2020, 1:35 AM · gnupg (gpg22), Bug Report

Mar 18 2020

dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

I thought i'd try with other certificates. I started with the one from this website. It also fails to validate unless i supply --disable-crl-checks, apparently because the immediate issuer (the Let's Encrypt CA) doesn't offer CRLs, only OCSP responders. Perhaps --disable-crl-checks should be the default, or at least if there is no CRL available there shouldn't be a failure by default:

Mar 18 2020, 10:38 PM · Not A Bug, gnupg (gpg22), S/MIME
dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

Aha, i can get it to say f if i use --disable-crl-checks:

Mar 18 2020, 10:30 PM · Not A Bug, gnupg (gpg22), S/MIME
dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

i didn't know that, thanks. i'm now seeing i (which i think means "invalid") in the same configuration:

Mar 18 2020, 9:36 PM · Not A Bug, gnupg (gpg22), S/MIME
dkg created T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..
Mar 18 2020, 8:55 PM · Not A Bug, gnupg (gpg22), S/MIME

Mar 12 2020

dkg updated the task description for T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:29 PM · OpenPGP, gnupg (gpg22), Bug Report
dkg created T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:01 PM · OpenPGP, gnupg (gpg22), Bug Report
dkg added a comment to T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed.

For reference, here's an error message from openssl smime when it is trying to verify an e-mail message with no embedded certificate at all (despite it knowing about the relevant certificate):

Mar 12 2020, 2:01 PM · gnupg (gpg23), S/MIME, Feature Request
dkg created T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed.
Mar 12 2020, 7:51 AM · gnupg (gpg23), S/MIME, Feature Request

Mar 10 2020

dkg added a comment to T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows.

"log" and "lock" are easy typo/confusions to make, @aheinecke was just trying to understand your report better, since there wasn't much information in it.

Mar 10 2020, 4:23 PM · gnupg, gpg4win
dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

@wiktor-k, "just extend the spec" doesn't necessarily work with existing clients, which might be surprised to find unexpected packets in the signature section of an e-mail. It seems more likely to me that they'd be able to handle (meaning: ignore) an unknown subpacket (as long as it's well-formed) than to handle additional packets. But all of these surmises require testing with existing clients, of course. Has anyone done any of that testing?

Mar 10 2020, 3:19 PM · Feature Request, gpgol, Keyserver, gnupg
dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

Ah, thanks for pointing out the subpacket option (i guess it could be hashed or unhashed). i don't think any of the subpackets currently defined in RFC4880 supports this use case -- but i guess you could mint a new one, or use a notation.

Mar 10 2020, 1:22 AM · Feature Request, gpgol, Keyserver, gnupg

Mar 9 2020

dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

Hi @aheinecke, thanks for thinking about this, and thanks for tagging me here too. I'm definitely interested.

Mar 9 2020, 9:53 PM · Feature Request, gpgol, Keyserver, gnupg
dkg added a comment to T4857: GPGSM: Put encryption key also into signature.

This is an important fix for a sensible S/MIME use case. Thanks for working on it!

Mar 9 2020, 8:40 PM · gnupg, S/MIME
dkg added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

Yes, i'd surmised that the ::::: lines are continuation lines of the error message. but why not just percent-escape the newline in the error message too? Where in the documentation of this API does it say to expect continuation lines of error messages? Is gpgconf expected to be used programmatically?

Mar 9 2020, 6:21 PM · gnupg (gpg22), Bug Report
dkg added a comment to T4249: No connection to Keyserver possible.

@Moonchild wrote:

using enigmail with the new version

Mar 9 2020, 6:14 PM · gnupg, dirmngr, Bug Report, gpg4win

Mar 6 2020

dkg added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

I think you mean "mix", not "fix". right?

Mar 6 2020, 7:06 PM · gnupg (gpg22), Bug Report
dkg updated the task description for T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..
Mar 6 2020, 12:25 AM · gnupg (gpg22), Bug Report

Mar 5 2020

dkg created T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..
Mar 5 2020, 11:01 PM · gnupg (gpg22), Bug Report
dkg added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

Sure, I personally know that GnuPG requires a homedir to operate.

Mar 5 2020, 3:20 PM · gpgagent, gnupg, Bug Report

Mar 4 2020

dkg created T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.
Mar 4 2020, 4:46 PM · gpgagent, gnupg, Bug Report

Feb 28 2020

dkg added a comment to T4788: System wide configuration of the GnuPG system.

i'd be unlikely to ship anything as /etc/gnupg/gpg.conf or /etc/gnupg/dirmngr.conf just because of the mess that admins have to deal with when shipped config files change.

Feb 28 2020, 11:20 PM · gnupg (gpg23), Feature Request, gpg4win, g10code

Feb 27 2020

dkg added a comment to T4861: GPGme 1.13.1 fails at t-json.

I think this might be the same as T4820.

Feb 27 2020, 11:08 PM · gpgme, Bug Report

Feb 26 2020

dkg added a comment to T4814: GpgOL: Send multiple E-Mails for BCC recipients.

I think this is a great feature to have. Thanks for working on it, @aheinecke .

Feb 26 2020, 7:30 PM · gpgol
dkg added a task to rGad55de709305: gpg: Update --trusted-key to accept fingerprint as well as long key id.: T4855: The trusted-key option requires a long key ID and won't take a fingerprint.
Feb 26 2020, 7:14 PM
dkg added a commit to T4855: The trusted-key option requires a long key ID and won't take a fingerprint: rGad55de709305: gpg: Update --trusted-key to accept fingerprint as well as long key id..
Feb 26 2020, 7:14 PM · gnupg (gpg22), Feature Request
dkg added a comment to T4855: The trusted-key option requires a long key ID and won't take a fingerprint.

I've just pushed ad55de70930543c1681b11e4bd624be074122b23 onto branch dkg/fix-4855 as a proposed fix, to permit --trusted-key to accept a full 20-byte fingerprint.

Feb 26 2020, 7:13 PM · gnupg (gpg22), Feature Request
dkg committed rGad55de709305: gpg: Update --trusted-key to accept fingerprint as well as long key id. (authored by dkg).
gpg: Update --trusted-key to accept fingerprint as well as long key id.
Feb 26 2020, 7:12 PM

Feb 21 2020

dkg added a comment to T4513: dirmngr should try the configured keyservers anyway even if they are all dead.

In T4513#132770, @aheinecke wrote:

Werner could you maybe at least check for an internet connection, I don't know how to do it on Linux but on Windows it's easy because windows has API for that.

Feb 21 2020, 6:33 PM · Feature Request, Keyserver, dirmngr

Feb 19 2020

dkg committed rG60dbe082949b: doc: Correction of typo in documentation of KEY_CONSIDERED (authored by Nick Piper <nick.piper@cgi.com>).
doc: Correction of typo in documentation of KEY_CONSIDERED
Feb 19 2020, 12:13 AM
dkg committed rG0904b8ef348a: Spelling cleanup. (authored by dkg).
Spelling cleanup.
Feb 19 2020, 12:12 AM
dkg committed rG0e1cbabc0ad4: doc: Correction of typo in documentation of KEY_CONSIDERED (authored by Nick Piper <nick.piper@cgi.com>).
doc: Correction of typo in documentation of KEY_CONSIDERED
Feb 19 2020, 12:12 AM

Feb 5 2020

dkg added a comment to T4837: outlook declines to render internal part when Content-Disposition: inline on actual body.

I've just tested this with GpgOL 2.4.6~beta3 as well, and while the i see the same issue :( (though the legacy display part is not shown, thanks to your fix of T4796).

Feb 5 2020, 12:46 AM · gpgol, Bug Report, gpg4win
dkg added a comment to T4796: GpgOL should hide "legacy display" parts when it encounters them.

Thanks! taking screenshots is definitely tedious. I just redid the screenshots for all the sample pgp/mime messages with GpgOL 2.4.6-beta3, and i can confirm that it looks like you've resolved the matter.

Feb 5 2020, 12:45 AM · gpgol, Bug Report, gpg4win

Feb 4 2020

dkg created T4837: outlook declines to render internal part when Content-Disposition: inline on actual body.
Feb 4 2020, 12:43 AM · gpgol, Bug Report, gpg4win

Jan 29 2020

dkg added a comment to rMcff600f1f65a: Do not test for a bug in older GnuPG versions.

Avoiding a failure for older versions means that the test suite won't catch this particular bug if it is reintroduced in future versions. That seems suboptimal for me, but given the complexity of the dependency chain, i don't know how to solve it. I prefer just raising an error with older versions of GnuPG as with rMf2aeb2563ba2 , as this is a test of the json interface, which isn't in widespread use yet.

Jan 29 2020, 7:24 PM
dkg closed T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times as Wontfix.

Changing back to wontfix given the wontfix resolution of T4826

Jan 29 2020, 3:44 PM · gpgme, Bug Report
dkg added a comment to T4826: Expiration dates after 2107 are reported as wraparound expiration dates.

This is not a problem for 2107 (when you and i are 6 feet under). it's a problem well before then for anything that has an expiration date of 2107 or later (as demonstrated by the legitimate example certificate here today).

Jan 29 2020, 3:44 PM · gnupg (gpg22), Bug Report
dkg added a comment to T4826: Expiration dates after 2107 are reported as wraparound expiration dates.

This is a problem for gpgv and gpg as well. gpg reports:

Jan 29 2020, 1:02 AM · gnupg (gpg22), Bug Report
dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.

It looks like at least for OpenPGP, the layer below GPGME is also broken for expiration dates in this time window (see T4826)

Jan 29 2020, 1:01 AM · gpgme, Bug Report
dkg created T4826: Expiration dates after 2107 are reported as wraparound expiration dates.
Jan 29 2020, 1:00 AM · gnupg (gpg22), Bug Report
dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.
-----BEGIN PGP PRIVATE KEY BLOCK-----
Jan 29 2020, 12:38 AM · gpgme, Bug Report
dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Jan 29 2020, 12:35 AM · gpgme, Bug Report

Jan 28 2020

dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.

I don't mind a workaround that avoids an ABI/API fix as long as it defers actual failures until 2038.

Jan 28 2020, 11:45 PM · gpgme, Bug Report
dkg reopened T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times as "Open".

I'm reopening this because i think users of these 32-bit platforms are going to run into issues before 2038 happens. Certs could appear expired before they are actually expired, for example, because of the wraparound time.

Jan 28 2020, 11:44 PM · gpgme, Bug Report

Jan 27 2020

dkg created T4825: gpg --weak-digest SHA1 incurs a serious performance cost for `--check-trustdb`.
Jan 27 2020, 8:58 PM · gnupg (gpg22), Bug Report
dkg updated subscribers of T4820: gpgme's json test fails with gpg 2.2.19.

thanks for looking at this, @aheinecke ! if you or @werner know of any internal side effects where this does matter, it would be great to add a test that documents them.

Jan 27 2020, 6:08 PM · gpgme, Bug Report

Jan 24 2020

dkg added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

(if you don't want to publish the full strace output here because you're concerned it might leak some information about your machine or your network, but you're ok sharing it with me personally, you can send it to me privately by e-mail, encrypted to the OpenPGP certificate with fingerprint C4BC2DDB38CCE96485EBE9C2F20691179038E5C6, and sent to one of the e-mail addresses associated with that certificate. please make a note here if you do that)

Jan 24 2020, 3:20 PM · Bug Report
dkg added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

ok, that's deeply weird. i'm assuming that this machine has IPv4 connectivity. I have no idea why dirmngr would be returning EAFNOSUPPORT in that case.

Jan 24 2020, 3:18 PM · Bug Report
dkg added a task to rM414938cfedbd: m4/python: Scan for python 3.8 as well: T4821: gpgme's m4/python.m4 doesn't search for python 3.8.
Jan 24 2020, 12:32 AM
dkg added a commit to T4821: gpgme's m4/python.m4 doesn't search for python 3.8: rM414938cfedbd: m4/python: Scan for python 3.8 as well.
Jan 24 2020, 12:32 AM · gpgme
dkg added commits to T4820: gpgme's json test fails with gpg 2.2.19: rMc4cf527ea227: gpg: Send --with-keygrip when listing keys, rMf2aeb2563ba2: tests/json: Bravo key does not have secret key material.
Jan 24 2020, 12:31 AM · gpgme, Bug Report
dkg added a task to rMc4cf527ea227: gpg: Send --with-keygrip when listing keys: T4820: gpgme's json test fails with gpg 2.2.19.
Jan 24 2020, 12:31 AM
dkg added a task to rMf2aeb2563ba2: tests/json: Bravo key does not have secret key material: T4820: gpgme's json test fails with gpg 2.2.19.
Jan 24 2020, 12:31 AM
dkg added a comment to T4821: gpgme's m4/python.m4 doesn't search for python 3.8.

branch dkg/fix-4821 contains a fix for this, in commit 414938cfedbdb97b83d00e8619dec9502096be22

Jan 24 2020, 12:31 AM · gpgme
dkg committed rM414938cfedbd: m4/python: Scan for python 3.8 as well (authored by dkg).
m4/python: Scan for python 3.8 as well
Jan 24 2020, 12:30 AM
dkg created T4821: gpgme's m4/python.m4 doesn't search for python 3.8.
Jan 24 2020, 12:30 AM · gpgme
dkg committed rMc4cf527ea227: gpg: Send --with-keygrip when listing keys (authored by dkg).
gpg: Send --with-keygrip when listing keys
Jan 24 2020, 12:26 AM
dkg committed rMf2aeb2563ba2: tests/json: Bravo key does not have secret key material (authored by dkg).
tests/json: Bravo key does not have secret key material
Jan 24 2020, 12:26 AM
dkg added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

in particular, c4cf527ea227edb468a84bf9b8ce996807bd6992 and f2aeb2563ba2f55eea7f52041e52062fdc839a64

Jan 24 2020, 12:25 AM · gpgme, Bug Report
dkg added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

The dkg/fix-4820 branch now has these two fixes.

Jan 24 2020, 12:23 AM · gpgme, Bug Report

Jan 23 2020

dkg added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

For easier reference or searchability, the test error looks like this:

Jan 23 2020, 11:57 PM · gpgme, Bug Report
dkg created T4820: gpgme's json test fails with gpg 2.2.19.
Jan 23 2020, 11:40 PM · gpgme, Bug Report
dkg added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

This appears to be a different error than above. here we see:

Jan 23 2020, 5:50 PM · Bug Report

Jan 22 2020

dkg added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

this looks to me like a problem with the TLS handshake -- it looks like this is a response coming from the TLS stack -- as rfc 8446 says, alert 49 is access_denied:

Jan 22 2020, 6:47 PM · Bug Report

Jan 17 2020

dkg added a comment to T1983: gpg2 prefers missing secret key to available key on card.

This is also https://bugs.debian.org/346241

Jan 17 2020, 7:25 PM · Bug Report, gnupg