From: Torsten Bronger <bronger@physik.rwth-aachen.de>
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: 26587@debbugs.gnu.org
Subject: bug#26587: 26.0.50; Gnus signs with false S/MIME key
Date: Wed, 9 Oct 2019 10:58:24 +0200 [thread overview]
Message-ID: <87pnj6s3bj.fsf@physik.rwth-aachen.de> (raw)
In-Reply-To: <87r241kb4y.fsf@gnus.org> (Lars Ingebrigtsen's message of "Fri, 27 Sep 2019 17:32:45 +0200")
Hallöchen!
Lars Ingebrigtsen writes:
> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
>
>> If I have keys for different email addresses in my gpgsm keyring, Gnus
>> signs an outgoing email using S/MIME with the first one listed by "gpgsm
>> --list-secret-keys" instead of the one actually associated with the
>> "From:" mail address.
>
> I'm unable to reproduce this bug.
>
> Could you describe, step by step, how you are composing the message to
> be signed?
When writing the message, I call (mml-secure-message-sign-smime).
The "From:" field contains "Torsten Bronger
<bronger@physik.rwth-aachen.de>". My secret keys are:
bronger@brad:~/kfa/Zertifikate/juliabase$ gpgsm --list-secret-keys
/home/bronger/.gnupg/pubring.kbx
--------------------------------
ID: 0x416092ED
S/N: 1CDCFCFE038E7AD34DF1C3FC
Issuer: /CN=DFN-Verein Global Issuing CA/OU=DFN-PKI/O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V./C=DE
Subject: /CN=Torsten Bronger/O=Forschungszentrum Juelich GmbH/C=DE
aka: t.bronger@fz-juelich.de
[...]
ID: 0x4A86AFDB
S/N: 213C2509C6CA74A7ED7133B8
Issuer: /CN=DFN-Verein Global Issuing CA/OU=DFN-PKI/O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V./C=DE
Subject: /CN=Torsten Bronger/OU=Fachgruppe Physik/O=RWTH Aachen/C=DE
aka: bronger@physik.rwth-aachen.de
validity: 2019-07-03 13:02:55 through 2022-07-02 13:02:55
key type: 2048 bit RSA
key usage: digitalSignature nonRepudiation keyEncipherment
ext key usage: clientAuth (suggested), emailProtection (suggested)
policies: 1.3.6.1.4.1.22177.300.1.1.4:N:,1.3.6.1.4.1.22177.300.1.1.4.4:N:,1.3.6.1.4.1.22177.300.2.1.4.4:N:
fingerprint: CD:BF:CA:E9:F3:83:B9:DC:00:E4:A2:B1:8F:D8:E0:78:4A:86:AF:DB
I would like the second key to be used. But Gnus signs the email
with the first certificate.
Regards,
Torsten.
--
Torsten Bronger
next prev parent reply other threads:[~2019-10-09 8:58 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-21 11:41 bug#26587: 26.0.50; Gnus signs with false S/MIME key Torsten Bronger
2019-09-27 15:32 ` Lars Ingebrigtsen
2019-10-09 8:58 ` Torsten Bronger [this message]
2019-10-09 19:59 ` Lars Ingebrigtsen
2019-10-10 7:43 ` Torsten Bronger
2019-10-11 7:29 ` Lars Ingebrigtsen
2020-08-04 9:04 ` Lars Ingebrigtsen
2020-08-04 10:10 ` Robert Pluim
2020-08-04 10:31 ` Lars Ingebrigtsen
2019-10-09 20:42 ` Lars Ingebrigtsen
2019-10-10 6:55 ` Torsten Bronger
2019-10-11 7:29 ` Lars Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pnj6s3bj.fsf@physik.rwth-aachen.de \
--to=bronger@physik.rwth-aachen.de \
--cc=26587@debbugs.gnu.org \
--cc=larsi@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.