From 56d6185075f3416b60d5cd3dcebd8cae28ec4295 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed, 13 Aug 2008 23:01:03 -0400
Subject: [PATCH] added note about GnuTLS patch for "gnu-dummy" S2K extension

---
 website/bugs/handle-passphrase-locked-secret-keys.mdwn | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
index a61b5ba..b66e4c7 100644
--- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn
+++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
@@ -41,6 +41,13 @@ work for reasonable values of `$KEYID`:
 	(cd "$TMPDIR" && ssh-add -c "$kname")
 	rm -rf "$TMPDIR"	
 
+Good news!  [I've crafted a patch for GnuTLS to enable it to read
+exported subkeys using this GNU
+extension](http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html),
+so if we can get it incorporated into upstream (and/or into debian),
+we have a possible solution, as long as the authentication key is a
+subkey, and not a primary key.
+
 ---------
 
 Ben Laurie and Rachel Willmer's
-- 
2.25.1