From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Jens Lechtenboerger Newsgroups: gmane.emacs.bugs Subject: bug#17391: Bug#745553: emacs24-el: mml2015-always-trust should default to nil, not t Date: Thu, 26 Jan 2017 19:36:09 +0100 Message-ID: <87a8add5ye.fsf@informationelle-selbstbestimmung-im-internet.de> References: <20140422190613.18043.21415.reportbug@alice.fifthhorseman.net> <877g6eilsp.fsf@trouble.defaultvalue.org> <53640041.7070703@fifthhorseman.net> <87k29jvyzc.fsf@gnus.org> <87a8aehpf8.fsf@informationelle-selbstbestimmung-im-internet.de> <87a8aenaqe.fsf@alice.fifthhorseman.net> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Trace: blaine.gmane.org 1485455849 11743 195.159.176.226 (26 Jan 2017 18:37:29 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Thu, 26 Jan 2017 18:37:29 +0000 (UTC) Cc: 745553@bugs.debian.org, 17338@debbugs.gnu.org, Justus Winter , 745553-forwarded@bugs.debian.org, Lars Ingebrigtsen , Daiki Ueno , 17391@debbugs.gnu.org, rlb@defaultvalue.org, "Neal H. Walfield" To: Daniel Kahn Gillmor Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Jan 26 19:37:21 2017 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWov4-0001qn-6m for geb-bug-gnu-emacs@m.gmane.org; Thu, 26 Jan 2017 19:37:14 +0100 Original-Received: from localhost ([::1]:40549 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cWov9-0002jH-FL for geb-bug-gnu-emacs@m.gmane.org; Thu, 26 Jan 2017 13:37:19 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:60122) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cWoux-0002g5-HE for bug-gnu-emacs@gnu.org; Thu, 26 Jan 2017 13:37:12 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cWous-0005VW-Pm for bug-gnu-emacs@gnu.org; Thu, 26 Jan 2017 13:37:07 -0500 Original-Received: from debbugs.gnu.org ([208.118.235.43]:47735) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cWous-0005VS-ME for bug-gnu-emacs@gnu.org; Thu, 26 Jan 2017 13:37:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1cWous-00014L-GF; Thu, 26 Jan 2017 13:37:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Jens Lechtenboerger Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Thu, 26 Jan 2017 18:37:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 17391 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: Original-Received: via spool by 17391-submit@debbugs.gnu.org id=B17391.14854557844058 (code B ref 17391); Thu, 26 Jan 2017 18:37:02 +0000 Original-Received: (at 17391) by debbugs.gnu.org; 26 Jan 2017 18:36:24 +0000 Original-Received: from localhost ([127.0.0.1]:45932 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWouG-00013J-JI for submit@debbugs.gnu.org; Thu, 26 Jan 2017 13:36:24 -0500 Original-Received: from mx2.mailbox.org ([80.241.60.215]:59941) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cWouD-000130-Uc; Thu, 26 Jan 2017 13:36:22 -0500 Original-Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 46412457EB; Thu, 26 Jan 2017 19:36:15 +0100 (CET) X-Virus-Scanned: amavisd-new at heinlein-support.de Original-Received: from smtp1.mailbox.org ([80.241.60.240]) by hefe.heinlein-support.de (hefe.heinlein-support.de [91.198.250.172]) (amavisd-new, port 10030) with ESMTP id pV8jcKJTrEtv; Thu, 26 Jan 2017 19:36:12 +0100 (CET) OpenPGP: id=0xA142FD84; url=https://www.informationelle-selbstbestimmung-im-internet.de/A142FD84.asc In-Reply-To: <87a8aenaqe.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Wed, 25 Jan 2017 15:30:33 -0500") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:128582 Archived-At: On 2017-01-25, at 15:30, Daniel Kahn Gillmor wrote: > On Wed 2017-01-25 15:09:47 -0500, Jens Lechtenboerger wrote: >> mml2015-always-trust is replaced by mml-secure-openpgp-always-trust >> nowadays. I certainly wouldn=E2=80=99t object if the default value was >> changed, but lots of long-term users might be surprised. > > It's also possible that lots of long-term users might be surprised to > find that refreshing one key in their keyring is likely to cause a > change in behavior for the use of other keys in their keyring. this is > a silent surprise, which seems worse than a public surprise. Sorry, I don=E2=80=99t understand this. What change in one key is causing silent changes for other keys? >> Also, nowadays, if multiple keys are available for a recipient, the >> user is asked which key to use and whether to store that choice. > > And how is that choice stored? How and when can it be revisited by the > user? What happens if that choice becomes invalid in the future > (e.g. the primary key, or the encryption-capable subkey is revoked, > expired, etc)? That=E2=80=99s customized in mml-secure-key-preferences. So, the usual customize interface is available. And there is some code to detect and remove unusable customizations. >> Then, EasyPG is responsible for calling GnuPG. Maybe something >> needs to be adjusted there as well. What is the expected command >> line behavior? > > Modern versions of GnuPG automatically select the key which GnuPG knows > to have the best validity among all matches for the selector, thanks to > work put in by Justus Winter (cc'ed), so letting GnuPG make the decision > would relieve emacs of most of the hard work here, and would also mean > that any changes that the user makes to their GnuPG keyring would > automatically take effect in emacs without mml-mode needing to do > anything. The mml code is based on EasyPG by Daiki Ueno (cc=E2=80=99ed). EasyPG makes use of sub-keys and their IDs for encryption commands, instead of relying on GnuPG=E2=80=99s selections. > Modern versions of GnuPG also provide a "tofu" mechanism to store and > track that kind of decision in. Neal Walfield (also cc'ed here) put in > a lot of that implementation, so he might have some suggestions for the > best way to handle it. If Emacs was relying on GnuPG=E2=80=99s decisions, nothing special would be necessary for tofu, right? (Users could activate that in their gpg.conf.) Best wishes Jens