From: Jameson Graef Rollins Date: Mon, 27 Oct 2008 02:07:07 +0000 (-0400) Subject: comment to bug about existing invalid authentication keys. X-Git-Tag: monkeysphere_0.17-1~8 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=21fd6545dee4948cad0e726d47f092c9c86f2fba;p=monkeysphere.git comment to bug about existing invalid authentication keys. --- diff --git a/website/bugs/authorized_keys-options.mdwn b/website/bugs/authorized_keys-options.mdwn index a066318..4e7a838 100644 --- a/website/bugs/authorized_keys-options.mdwn +++ b/website/bugs/authorized_keys-options.mdwn @@ -1,7 +1,5 @@ [[meta title="Monkeysphere support for options in authorized_keys"]] -# Monkeysphere support for options within `authorized_keys` # - OpenSSH [allows users to control the capabilities granted to remote key-based logins](http://www.hackinglinuxexposed.com/articles/20030109.html) by diff --git a/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn b/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn index 8181437..3c7e804 100644 --- a/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn +++ b/website/bugs/monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid.mdwn @@ -19,3 +19,19 @@ revoked, so probably monkeysphere needs to be looking at gpg's computed validity from the public keyring instead of the secret keyring to be able to get the "r" flag from field 2, in addition to the "e" flag from field 12. + +--- + +So the problem is that there is no field 2 for secret keys. From +/usr/share/doc/gnupg/DETAILS.gz: + + 2. Field: A letter describing the calculated trust. This is a single + letter, but be prepared that additional information may follow + in some future versions. (not used for secret keys) + +Why would secret keys not have this field? They have validity too, +right? This doesn't make any sense. I verify that indeed there is no +output in field 2 for secret keys. I would say this is a bug in gpg, +but it's clearly done on purpose. Any ideas? + +-- jrollins