+++ /dev/null
-If you have a revoked authentication subkey in your keyring,
-monkeysphere gen-subkey thinks that I have an authentication subkey
-already, which I do, but it probably shouldn't care about it, since it
-is revoked:
-
- 21:30@pond> monkeysphere gen-subkey F67E2A5D1CF2D62A
- An authentication subkey already exists for key 'F67E2A5D1CF2D62A'.
- Are you sure you would like to generate another one? (y/N)
-
-However: this key was revoked on 2008-04-28 by DSA key 1CF2D62A Micah Anderson <micah@riseup.net>
- sub 1024R/866F47D3 created: 2008-02-25 revoked: 2008-04-28 usage: A
-
-I can continue to create a new authorization subkey, so its not a
-blocker or anything (I suppose I could also delete the revoked key
-from my keyring as well, although thats less than ideal).
-
-It seems like the secret keyring doesn't mention that it has been
-revoked, so probably monkeysphere needs to be looking at gpg's
-computed validity from the public keyring instead of the secret
-keyring to be able to get the "r" flag from field 2, in addition to
-the "e" flag from field 12.
-
----
-
-So the problem is that there is no field 2 for secret keys. From
-/usr/share/doc/gnupg/DETAILS.gz:
-
- 2. Field: A letter describing the calculated trust. This is a single
- letter, but be prepared that additional information may follow
- in some future versions. (not used for secret keys)
-
-Why would secret keys not have this field? They have validity too,
-right? This doesn't make any sense. I verify that indeed there is no
-output in field 2 for secret keys. I would say this is a bug in gpg,
-but it's clearly done on purpose. Any ideas?
-
--- jrollins