From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail
From: Lars Ingebrigtsen <larsi@gnus.org>
Newsgroups: gmane.emacs.bugs
Subject: bug#26587: 26.0.50; Gnus signs with false S/MIME key
Date: Wed, 09 Oct 2019 22:42:21 +0200
Message-ID: <87pnj53b2q.fsf@gnus.org>
References: <87fuh22dk6.fsf@wilson.bronger.org> <87r241kb4y.fsf@gnus.org>
 <87pnj6s3bj.fsf@physik.rwth-aachen.de>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226";
	logging-data="123217"; mail-complaints-to="usenet@blaine.gmane.org"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
Cc: 26587@debbugs.gnu.org
To: Torsten Bronger <bronger@physik.rwth-aachen.de>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Wed Oct 09 23:50:27 2019
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.89)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1iIJql-000Vwe-0j
	for geb-bug-gnu-emacs@m.gmane.org; Wed, 09 Oct 2019 23:50:27 +0200
Original-Received: from localhost ([::1]:59986 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1iIJqj-000330-MS
	for geb-bug-gnu-emacs@m.gmane.org; Wed, 09 Oct 2019 17:50:25 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:39049)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iIInb-0002pd-PH
 for bug-gnu-emacs@gnu.org; Wed, 09 Oct 2019 16:43:09 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iIInZ-0007dk-VS
 for bug-gnu-emacs@gnu.org; Wed, 09 Oct 2019 16:43:07 -0400
Original-Received: from debbugs.gnu.org ([209.51.188.43]:45381)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1iIInW-0007cT-D1
 for bug-gnu-emacs@gnu.org; Wed, 09 Oct 2019 16:43:05 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1iIInW-0003jO-50; Wed, 09 Oct 2019 16:43:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Lars Ingebrigtsen <larsi@gnus.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org
Resent-Date: Wed, 09 Oct 2019 20:43:02 +0000
Resent-Message-ID: <handler.26587.B26587.157065374914299@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 26587
X-GNU-PR-Package: emacs,gnus
X-GNU-PR-Keywords: security moreinfo
Original-Received: via spool by 26587-submit@debbugs.gnu.org id=B26587.157065374914299
 (code B ref 26587); Wed, 09 Oct 2019 20:43:02 +0000
Original-Received: (at 26587) by debbugs.gnu.org; 9 Oct 2019 20:42:29 +0000
Original-Received: from localhost ([127.0.0.1]:54201 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1iIImy-0003iW-4U
 for submit@debbugs.gnu.org; Wed, 09 Oct 2019 16:42:29 -0400
Original-Received: from quimby.gnus.org ([80.91.231.51]:43716)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@gnus.org>) id 1iIImw-0003iN-9n
 for 26587@debbugs.gnu.org; Wed, 09 Oct 2019 16:42:26 -0400
Original-Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie)
 by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.89) (envelope-from <larsi@gnus.org>)
 id 1iIIms-0004OC-1R; Wed, 09 Oct 2019 22:42:24 +0200
In-Reply-To: <87pnj6s3bj.fsf@physik.rwth-aachen.de> (Torsten Bronger's message
 of "Wed, 9 Oct 2019 10:58:24 +0200")
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: "bug-gnu-emacs"
 <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.bugs:168800
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/168800>

Torsten Bronger <bronger@physik.rwth-aachen.de> writes:

> I would like the second key to be used.  But Gnus signs the email
> with the first certificate.

If I understand the code correctly, `epg-start-sign' is run here, and
gpgsm is started with the parameters looking like 

"--detach-sign" "-u" "4A44812B553ACE6D" "-u" "4A44812B553ACEetc"

with as many "-u"s as there are in your gpgsm store that matches
whatever you've set up in that list that lists all your identities you
want to use.

Could you edebug that function to see if that's really what happens?
Because if it is, we're leaving the decision to gpgsm itself which user
ID to use, and that seems very sub-optimal.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no