[PATCH] Support encrypting for PGP keys without subkeys
Axel Beckert
abe at deuxchevaux.org
Tue Apr 18 13:32:40 UTC 2023
Hi,
I wrote:
> But one team member has a older PGP key without a subkey.
[…]
> While it might be no more good practice to generate PGP keys without
> subkey, it's still a personal user decision or possibly historic
> circumstance.
That team member solved the situation in a much more easy way that I
had in mind: He simply added a subkey to that existing (so far
subkey-less) key.
This kinda took out the (not explicitly mentioned) urgency of that
matter for me.
(When I wrote that mail, I expected that he needs to generate a new
key and gather most of the signatures on his old key again.)
> So IMHO pass should also work with such keys.
Nevertheless I still think that pass should work with such keys.
On Fri, Apr 14, 2023 at 10:54:49AM +0300, Amir Yalon wrote:
> It adds `pub` records, but not all of them, since field 12 (key
> capabilities) is filtered to include only keys with `e` (the encrypt
> capability).
Yes, on purpose. It's the same for the subkeys, too.
With keys just meant for signing you can't encrypt passwords. :-D
> It is interesting to note that the filter on field 12 seems
> sufficient, which makes the filter on field 1 (type of record)
> redundant (though good for clarity of intent).
Indeed interesting. I wonder if just using that field would cause
rather more or rather less trouble for potential future key types.
I haven't really thought about this when I wrote the patch, but to
stay on the safe side, I on purpose only extended the filter minimally
so it worked with that key without subkeys.
Kind regards, Axel
--
PGP: 2FF9CD59612616B5 /~\ Plain Text Ribbon Campaign, http://arc.pasp.de/
Mail: abe at deuxchevaux.org \ / Say No to HTML in E-Mail and Usenet
Mail+Jabber: abe at noone.org X
https://axel.beckert.ch/ / \ I love long mails: https://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20230418/42a391dd/attachment.sig>
More information about the Password-Store
mailing list