dkg (Daniel Kahn Gillmor)
User

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:49 PM (129 w, 5 h)
Availability
Available

Recent Activity

Tue, Sep 10

dkg added a comment to T4704: Wrong error message when key is expired.

yep, the implementation thinks that the default signing key is expired due to metadata contained in the public keyring. The secret key is available to the implementation. So the error mesage No secret key can cause confusion and/or panic if the user thinks they've actually lost their secret key.

Tue, Sep 10, 3:15 PM · gnupg (gpg23), UI, Bug Report

Mon, Sep 9

dkg added projects to T4704: Wrong error message when key is expired: gnupg (gpg22), UI.

fwiw, i can reproduce this on debian unstable with gpg version 2.2.17, without a redirected agent -- so the agent redirection isn't relevant here.

Mon, Sep 9, 5:06 PM · gnupg (gpg23), UI, Bug Report
dkg added a comment to T4698: Results from clang analyzer.

@stm -- thank you for this!

Mon, Sep 9, 4:34 PM · gpgrt, Bug Report

Sun, Sep 1

dkg created T4694: manage first-party attestations.
Sun, Sep 1, 1:45 PM · Feature Request

Tue, Aug 27

dkg added a comment to T4276: Context.decrypt() throws an error if *any* signature is bad.

i'm actually running make -j3 check, since make -j3 distcheck has the problems described in T4688.

Tue, Aug 27, 4:50 PM · gpgme, Python, Bug Report
dkg created T4688: `make distcheck` fails trying to make `rst/gpgme-python-howto.rst`.
Tue, Aug 27, 4:48 PM · gpgme, Bug Report
dkg added a comment to T4276: Context.decrypt() throws an error if *any* signature is bad.

So i've been able to (intermittently) reproduce the failures that i think @werner was alluding to here, but not under any circumstances where i can get them to happen reliably to understand what's going on.

Tue, Aug 27, 4:18 PM · gpgme, Python, Bug Report

Sat, Aug 24

dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

It has now been more than a month since:

Sat, Aug 24, 12:55 AM · gnupg (gpg23), Feature Request

Thu, Aug 22

dkg added a comment to T2669: gpg --import auto-launches gpg-agent even when no secret keys are imported.

Thanks, @gniibe. From reading this patch (i haven't tested it), it looks like it would avoid most unnecessary agent launches (and agent communication) in the (b) case, which is a win over the status quo.

Thu, Aug 22, 8:47 PM · Bug Report, gnupg

Wed, Aug 21

dkg added a comment to T4679: WKD spec should document exactly when a client should fall back from "advanced" to "direct" URL.

This was also raised for (hopefully) wider discussion on the IETF mailing list.

Wed, Aug 21, 8:32 PM · Documentation, wkd
dkg set External Link to https://en.wikipedia.org/wiki/Ms. on T4682: Salutation "Mrs." implies that the user is married. Use "Ms." instead..
Wed, Aug 21, 7:52 PM · gnupg (gpg23), Bug Report
dkg added a task to rGc4b9eba1d6a6: gpg: Adjust female-gendered salutation from Mrs. to Ms.: T4682: Salutation "Mrs." implies that the user is married. Use "Ms." instead..
Wed, Aug 21, 7:51 PM
dkg added a commit to T4682: Salutation "Mrs." implies that the user is married. Use "Ms." instead.: rGc4b9eba1d6a6: gpg: Adjust female-gendered salutation from Mrs. to Ms..
Wed, Aug 21, 7:51 PM · gnupg (gpg23), Bug Report
dkg added a comment to T4682: Salutation "Mrs." implies that the user is married. Use "Ms." instead..

i've just pushed rGc4b9eba1d6a63b73238dcbb644b365dc53563f3d to the dkg-fix-T4682 branch resolve this.

Wed, Aug 21, 7:51 PM · gnupg (gpg23), Bug Report
dkg committed rGc4b9eba1d6a6: gpg: Adjust female-gendered salutation from Mrs. to Ms. (authored by dkg).
gpg: Adjust female-gendered salutation from Mrs. to Ms.
Wed, Aug 21, 7:51 PM
dkg created T4682: Salutation "Mrs." implies that the user is married. Use "Ms." instead..
Wed, Aug 21, 7:49 PM · gnupg (gpg23), Bug Report

Tue, Aug 20

dkg created T4680: dirmngr documentation titles claim X.509 only, but should describe full scope of the daemon.
Tue, Aug 20, 11:13 PM · gnupg, Documentation, Bug Report
dkg created T4679: WKD spec should document exactly when a client should fall back from "advanced" to "direct" URL.
Tue, Aug 20, 10:59 PM · Documentation, wkd
dkg committed rGb7793c3af32b: doc: fix minor spelling and tense errors (authored by dkg).
doc: fix minor spelling and tense errors
Tue, Aug 20, 10:05 PM
dkg committed rGcba6e1bd7242: doc: clarify CARD event counter. (authored by dkg).
doc: clarify CARD event counter.
Tue, Aug 20, 10:05 PM
dkg added a comment to T4677: Failure using pinentry-tty or pinentry-curses when GnuPG's standard input is a file.

@skeeto can you edit the summary/title of this ticket to better reflect what you think the underlying issue is?

Tue, Aug 20, 2:45 AM · gnupg (gpg22), Info Needed, Bug Report
dkg reopened T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry as "Open".
Tue, Aug 20, 2:44 AM · Bug Report, gpgagent
dkg added a comment to T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry.

This appears to be https://bugs.debian.org/850946 and it does not appear to be fixed to me.

Tue, Aug 20, 2:43 AM · Bug Report, gpgagent
dkg reopened T2013: pinentry-curses / pinentry-tty should emit a bell when showing a dialog as "Open".

reviewing this, i think the situation is:

Tue, Aug 20, 2:36 AM · pinentry, Feature Request

Aug 10 2019

dkg added a comment to T4672: E-mail encryption in Microsoft Outlook Office 365 does not work properly.

Are you seeing mixed-up MIME parts? or a different problem?

Aug 10 2019, 4:26 AM · Bug Report, gpg4win
dkg added a comment to T4618: DANE OpenPGP certificate retrieval does not verify DNSSEC signatures.

WKD and DANE/OPENPGPKEY offer rather distinct properties. I'd be hard-pressed to say that one is "better" than the other without understanding the threat model and concerns of the evaluator:

Aug 10 2019, 4:24 AM · dns, dirmngr

Aug 3 2019

dkg created T4668: `gpgconf --launch gpg-agent` tells me to run `gpgconf --check-options gpg-agent`, but the latter command gives me no information.
Aug 3 2019, 7:30 PM · gnupg (gpg22), Bug Report
dkg created T4667: "gpg: deleting secret key failed: No pinentry" when in --batch mode with --pinentry=loopback.
Aug 3 2019, 7:15 PM · gnupg (gpg22), Bug Report
dkg added a comment to T4666: gpg --delete-secret-keys: excessive and unclear prompting, surprising outcomes.

I also observe that the text in the GUI prompts is remarkably unclear on its own. setting aside the grammar, punctuation, and wording, the prompts don't expose the usage flags set for the secret keys, which is possibly the only detail that a user with a single OpenPGP certificate would care about: "am i deleting my signing-capable subkey or my decryption-capable subkey?"

Aug 3 2019, 7:10 PM · gnupg (gpg23), Bug Report
dkg created T4666: gpg --delete-secret-keys: excessive and unclear prompting, surprising outcomes.
Aug 3 2019, 7:05 PM · gnupg (gpg23), Bug Report
dkg created T4665: gpg --delete-key of subkey leaves dangling subkey binding signature.
Aug 3 2019, 5:12 PM · gnupg (gpg22), Bug Report

Jul 31 2019

dkg created T4662: --locate-external-keys does not interact well with --no-auto-key-locate.
Jul 31 2019, 7:31 PM · gnupg (gpg22), Bug Report
dkg reopened T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong as "Open".

Please update the documentation for the function in that case.

Jul 31 2019, 4:49 PM · Documentation, gpgagent
dkg added a comment to T4652: avoid unnecessary trailing NUL byte in S-expressions.

Please see my explanation on gnupg-devel about why the trailing NUL is a source of pain and difficulty for would-be adopters.

Jul 31 2019, 4:45 PM · gnupg, Bug Report

Jul 29 2019

dkg created T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong.
Jul 29 2019, 8:54 PM · Documentation, gpgagent

Jul 27 2019

dkg added a comment to T4658: Fix a dangling pointer in pinentry's qt/main.cpp.

I've just uploaded pinentry 1.1.0-3 to debian unstable with this fix in it.

Jul 27 2019, 6:07 AM · pinentry, Bug Report
dkg added a comment to T4658: Fix a dangling pointer in pinentry's qt/main.cpp.

@aheinecke thanks for the heads-up. i'll pull this in.

Jul 27 2019, 1:16 AM · pinentry, Bug Report

Jul 25 2019

dkg added a comment to rGfdd1567743cc: gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators.

@aheinecke

Due to socket forwarding we can have different versions of gpg-agent and gpg / gpgsm because they are on different machines and afaik we try to support it.

Jul 25 2019, 2:54 PM
dkg added a comment to rGfdd1567743cc: gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators.

fwiw, if the old gcrypt actually returned a radically different API, it should have a larger SONAME across that change, and NEED_LIBGCRYPT_VERSION should reflect a source version that forces it past that SONAME. I don't know what version of libgcrypt behaved differently -- is there a reference for that?

Jul 25 2019, 2:45 PM
dkg added a comment to rGfdd1567743cc: gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators.

I don't think there's a problem to have a long explanatory message in the main repository, as i think it makes it easier to understand, and space is not an issue.

Jul 25 2019, 2:40 PM
dkg added a task to rGefffd9907b75: agent: Do not place a trailing NUL byte on S-expressions: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 25 2019, 1:59 AM
dkg added commits to T4652: avoid unnecessary trailing NUL byte in S-expressions: rGefffd9907b75: agent: Do not place a trailing NUL byte on S-expressions, rGfdd1567743cc: gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators.
Jul 25 2019, 1:59 AM · gnupg, Bug Report
dkg added a task to rGfdd1567743cc: gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 25 2019, 1:59 AM
dkg added a comment to T4652: avoid unnecessary trailing NUL byte in S-expressions.

I've just broken out my changes into two commits, one that makes gpg and gpgsm more robust. That should be applicable without any risk.

Jul 25 2019, 1:59 AM · gnupg, Bug Report
dkg removed a task from rGb84feb0c82eb: agent: Do not place a trailing NUL byte on S-expression: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 25 2019, 1:58 AM
dkg removed a commit from T4652: avoid unnecessary trailing NUL byte in S-expressions: rGb84feb0c82eb: agent: Do not place a trailing NUL byte on S-expression.
Jul 25 2019, 1:58 AM · gnupg, Bug Report
dkg committed rGfdd1567743cc: gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators (authored by dkg).
gpg,gpgsm: Handle pkdecrypt responses with or without NUL terminators
Jul 25 2019, 1:57 AM
dkg committed rGefffd9907b75: agent: Do not place a trailing NUL byte on S-expressions (authored by dkg).
agent: Do not place a trailing NUL byte on S-expressions
Jul 25 2019, 1:57 AM

Jul 24 2019

dkg removed a task from rG1ae16838660a: agent: Do not place a trailing NUL byte on S-expression: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 24 2019, 6:24 AM
dkg added a task to rGb84feb0c82eb: agent: Do not place a trailing NUL byte on S-expression: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 24 2019, 6:24 AM
dkg edited commits for T4652: avoid unnecessary trailing NUL byte in S-expressions, added: rGb84feb0c82eb: agent: Do not place a trailing NUL byte on S-expression; removed rG1ae16838660a: agent: Do not place a trailing NUL byte on S-expression.
Jul 24 2019, 6:24 AM · gnupg, Bug Report
dkg added a comment to T4652: avoid unnecessary trailing NUL byte in S-expressions.

I've just posted rGb84feb0c82eb to the dkg-fix-T4652 branch, which solves the failure problems by making agent_pkdecrypt and gpgsm_agent_pkdecrypt more robust.

Jul 24 2019, 6:24 AM · gnupg, Bug Report
dkg committed rGb84feb0c82eb: agent: Do not place a trailing NUL byte on S-expression (authored by dkg).
agent: Do not place a trailing NUL byte on S-expression
Jul 24 2019, 6:23 AM

Jul 23 2019

dkg added a comment to T4652: avoid unnecessary trailing NUL byte in S-expressions.

fwiw, this patch appears to cause gpgsm to fail its test suite:

Jul 23 2019, 6:46 PM · gnupg, Bug Report
dkg edited commits for T4652: avoid unnecessary trailing NUL byte in S-expressions, added: rG1ae16838660a: agent: Do not place a trailing NUL byte on S-expression; removed rG804ca2dba258: agent: Do not place a trailing NUL byte on S-expression.
Jul 23 2019, 5:49 PM · gnupg, Bug Report
dkg added a task to rG1ae16838660a: agent: Do not place a trailing NUL byte on S-expression: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 23 2019, 5:49 PM
dkg removed a task from rG804ca2dba258: agent: Do not place a trailing NUL byte on S-expression: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 23 2019, 5:49 PM
dkg committed rG1ae16838660a: agent: Do not place a trailing NUL byte on S-expression (authored by dkg).
agent: Do not place a trailing NUL byte on S-expression
Jul 23 2019, 5:48 PM
dkg updated the task description for T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 23 2019, 5:46 PM · gnupg, Bug Report
dkg added a commit to T4652: avoid unnecessary trailing NUL byte in S-expressions: rG804ca2dba258: agent: Do not place a trailing NUL byte on S-expression.
Jul 23 2019, 5:45 PM · gnupg, Bug Report
dkg added a task to rG804ca2dba258: agent: Do not place a trailing NUL byte on S-expression: T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 23 2019, 5:45 PM
dkg renamed T4647: "gpg.exe -se" fails when run programmatically, but does not fail when run from the command line from Issue with gpg.exe to "gpg.exe -se" fails when run programmatically, but does not fail when run from the command line.
Jul 23 2019, 5:43 PM · Info Needed, gpg4win, Bug Report
dkg committed rG804ca2dba258: agent: Do not place a trailing NUL byte on S-expression (authored by dkg).
agent: Do not place a trailing NUL byte on S-expression
Jul 23 2019, 5:41 PM
dkg added a comment to T4652: avoid unnecessary trailing NUL byte in S-expressions.

I've just pushed rG1ae16838660a to the dkg-fix-T4652 branch (i just adjusted it the commit message to include the GnuPG-bug-id)

Jul 23 2019, 5:40 PM · gnupg, Bug Report
dkg created T4652: avoid unnecessary trailing NUL byte in S-expressions.
Jul 23 2019, 5:37 PM · gnupg, Bug Report
dkg added a comment to T4647: "gpg.exe -se" fails when run programmatically, but does not fail when run from the command line.

This report doesn't contain enough information to be able to tell you why the command is failing within your program, but not failing outside of it.

Jul 23 2019, 5:16 AM · Info Needed, gpg4win, Bug Report

Jul 20 2019

dkg committed rG6ca2289a9d9c: dirmngr: Don't add system CAs for SKS HKPS pool. (authored by gniibe).
dirmngr: Don't add system CAs for SKS HKPS pool.
Jul 20 2019, 8:21 PM
dkg committed rG9e12829299c7: gpg: Fix keyring retrieval. (authored by gniibe).
gpg: Fix keyring retrieval.
Jul 20 2019, 8:21 PM
dkg committed rGf56d60f43bcc: gpg: Improve import slowness. (authored by gniibe).
gpg: Improve import slowness.
Jul 20 2019, 8:21 PM
dkg committed rGca820eda3248: fix spelling (authored by dkg).
fix spelling
Jul 20 2019, 8:21 PM
dkg committed rGab76d6483741: gpg: drop import-clean from default keyserver import options (authored by dkg).
gpg: drop import-clean from default keyserver import options
Jul 20 2019, 8:21 PM
dkg committed rG253024a536a3: Use hkps://keys.openpgp.org as the default keyserver (authored by dkg).
Use hkps://keys.openpgp.org as the default keyserver
Jul 20 2019, 8:21 PM
dkg committed rG4c9bfbe23877: Make gpg-zip use tar from $PATH (authored by dkg).
Make gpg-zip use tar from $PATH
Jul 20 2019, 8:21 PM
dkg committed rGe70841404d72: gpg: allow import of previously known keys, even without UIDs (authored by Valodim).
gpg: allow import of previously known keys, even without UIDs
Jul 20 2019, 8:21 PM
dkg committed rGb2605ad61451: gpg: accept subkeys with a good revocation but no self-sig during import (authored by Valodim).
gpg: accept subkeys with a good revocation but no self-sig during import
Jul 20 2019, 8:21 PM
dkg committed rG2627cd5e54ab: tests: add test cases for import without uid (authored by Valodim).
tests: add test cases for import without uid
Jul 20 2019, 8:21 PM
dkg committed rG263a07f04d13: dirmngr: Only use SKS pool CA for SKS pool (authored by dkg).
dirmngr: Only use SKS pool CA for SKS pool
Jul 20 2019, 8:21 PM
dkg committed rGa446c4db9574: gpg: Default to SHA-512 for all signature types on RSA keys. (authored by dkg).
gpg: Default to SHA-512 for all signature types on RSA keys.
Jul 20 2019, 8:21 PM
dkg committed rG7576681260e6: gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences. (authored by dkg).
gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences.
Jul 20 2019, 8:21 PM
dkg committed rGf7c787285335: gpg: default to AES-256. (authored by dkg).
gpg: default to AES-256.
Jul 20 2019, 8:21 PM
dkg committed rG9420c525db20: gpg: default to 3072-bit RSA keys. (authored by dkg).
gpg: default to 3072-bit RSA keys.
Jul 20 2019, 8:21 PM
dkg committed rGd369f30f319f: agent: Allow threads to interrupt main select loop with SIGCONT. (authored by dkg).
agent: Allow threads to interrupt main select loop with SIGCONT.
Jul 20 2019, 8:21 PM
dkg committed rGb76dacf10dd3: agent: Avoid scheduled checks on socket when inotify is working. (authored by dkg).
agent: Avoid scheduled checks on socket when inotify is working.
Jul 20 2019, 8:21 PM
dkg committed rGe7e570809146: agent: Avoid tight timer tick when possible. (authored by dkg).
agent: Avoid tight timer tick when possible.
Jul 20 2019, 8:21 PM
dkg committed rG38ab07d34464: dirmngr: Avoid automatically checking upstream swdb. (authored by dkg).
dirmngr: Avoid automatically checking upstream swdb.
Jul 20 2019, 8:21 PM
dkg committed rG758212d3b25e: agent: Create framework of scheduled timers. (authored by dkg).
agent: Create framework of scheduled timers.
Jul 20 2019, 8:21 PM
dkg committed rG4e63d9c07c43: dirmngr: Avoid need for hkp housekeeping. (authored by dkg).
dirmngr: Avoid need for hkp housekeeping.
Jul 20 2019, 8:21 PM
dkg committed rG337ae2374e79: Avoid simple memory dumps via ptrace (authored by dkg).
Avoid simple memory dumps via ptrace
Jul 20 2019, 8:21 PM
dkg committed rG24507b15672d: dirmngr: hkp: Avoid potential race condition when some hosts die. (authored by dkg).
dirmngr: hkp: Avoid potential race condition when some hosts die.
Jul 20 2019, 8:21 PM
dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

@werner wrote:

Other tasks in master are right now more important.

Jul 20 2019, 1:39 AM · gnupg (gpg23), Feature Request

Jul 18 2019

dkg committed rE732855a48370: build: Use {CFLAGS,CPPFLAGS, LDFLAGS}_FOR_BUILD for helper programs (authored by dkg).
build: Use {CFLAGS,CPPFLAGS, LDFLAGS}_FOR_BUILD for helper programs
Jul 18 2019, 5:49 PM
dkg added a commit to T4643: gpgrt: enable the environment to set compiler and linker flags for helper tools: rE732855a48370: build: Use {CFLAGS,CPPFLAGS, LDFLAGS}_FOR_BUILD for helper programs.
Jul 18 2019, 5:49 PM · gpgrt, Feature Request
dkg added a comment to T4643: gpgrt: enable the environment to set compiler and linker flags for helper tools.

I've just pushed rE732855a483709345a5c0f49504f45cb8da3f883a to dkg-fix-T4643 in the gpg-error git repository. I don't know why it is not yet visible here.

Jul 18 2019, 5:31 PM · gpgrt, Feature Request
dkg created T4643: gpgrt: enable the environment to set compiler and linker flags for helper tools.
Jul 18 2019, 5:21 PM · gpgrt, Feature Request
dkg added commits to T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools: rA45f01593d4ce: pass through {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD when creating helper programs, rA98d7c7ea3f37: build: Use {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for helper programs..
Jul 18 2019, 4:37 PM · libassuan, Feature Request
dkg added a task to rA45f01593d4ce: pass through {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD when creating helper programs: T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools.
Jul 18 2019, 4:37 PM
dkg added a task to rA98d7c7ea3f37: build: Use {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for helper programs.: T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools.
Jul 18 2019, 4:37 PM
dkg added a comment to rA98d7c7ea3f37: build: Use {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for helper programs..

CC_FOR_BUILD is defined in configure.ac as build system C compiler, not build system C compiler and flags.

Jul 18 2019, 4:35 PM
dkg added a comment to T4628: new import-clean default for keys from keyservers modifies the local keyring when anything is returned.

I'm aware of you releasing an RC for comments, and i apologize for not catching this particular case earlier. As you know from T4607, i was even advocating for it. i didn't understand the full implications of the "import-then-clean" approach at the time, and was thinking it would only apply to the incoming material, not the stored material.

Jul 18 2019, 4:26 PM · Keyserver, gnupg (gpg22), Bug Report
dkg committed rA45f01593d4ce: pass through {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD when creating helper programs (authored by dkg).
pass through {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD when creating helper programs
Jul 18 2019, 12:57 AM