GPGTools should update to 2.2.5 to fix signing with missing subkeys
A recent GPG 2.2.5 fixes a serious error with expired subkeys - see https://dev.gnupg.org/T1967.
Let me describe the case. Let you have a key with multiple signing subkeys. Let the machine with gpgtools have one signing subkey attached and one signing subkey detached ('missing' i.e. with a sec# prefix). GPG before 2.2.5 selects a signing subkey basing on issuing date not by availability. So gpgtools doesn't sign emails if the oldest subkey is unavailable. This should be fixed now.
The problem was discussed in several GPGTools topics (closed by far). Maybe they should be rechecked along with other related bugs when a new upstream version will be packaged with GPGTools.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Luke Le on 05 Mar, 2018 05:16 PM
Hi theirix,
thank you for bringing this issue to our attention. We have been following issues with subkeys closely and have reported bugs to the developer of GnuPG directly. We are currently working on integrating GnuPG 2.2.5 in our hotfix/nightly releases and it should be available soon.
2 Posted by theirix on 05 Mar, 2018 05:34 PM
Glad to hear it. Thank you for the great work!
Support Staff 3 Posted by Steve on 07 Mar, 2018 02:26 PM
The latest hotfix GPG Suite includes gpg 2.2.5.
All the best,
steve
Disclaimer: This is a development version which has not been thoroughly tested yet - bugs or crashes are to be expected. Thanks for helping us test.
Steve closed this discussion on 07 Mar, 2018 02:26 PM.