tag:gpgtools.tenderapp.com,2011-11-04:/discussions/beta/1754-gpgmail-27b3-bugs-in-selecting-keys-for-signing-possible-emailcounter-bug-tooGPGTools: Discussion 2018-02-16T11:25:49Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/425154382017-05-08T12:37:30Z2017-05-08T12:37:33ZGPGMail: 2.7b3 bugs in selecting keys for signing. possible emailcounter bug too<div><p>I have two keys in my gpg keychain, one is a legacy key, the other is my current one.</p>
<p>Despite selecting C431470D, D81343FD is always used. gpgkeychain orders with D81343FD being the first key.</p>
<p>After I disabled the gpgmail bundle in mail, miraculously my smart mailboxes started to show their unread mail counters again</p>
<p>$ gpg --list-keys <a href="mailto:ruben@verweg.com">ruben@verweg.com</a> pub 1024D/C431470D 2002-03-03<br>
uid Ruben van Staveren <a href="mailto:ruben@verweg.com">ruben@verweg.com</a><br>
sub 1280g/F476D296 2002-03-03</p>
<p>gpg: Note: signatures using the MD5 algorithm are rejected<br>
pub 1280R/D81343FD 1995-04-26<br>
uid Ruben van Staveren <a href="mailto:ruben+pgp263@verweg.com">ruben+pgp263@verweg.com</a></p>
<p><strong>Expected</strong><br>
* Signing/encryption using the preferred key * Smart mailboxes showing their unread message count</p>
<p><strong>Additional info</strong><br>
gpgmail bundle 2.7b3, disabled for now</p>
<pre>
<code>macOS 10.12.4 16E195
GPG Suite 2017.1b3 1812 (d43863c)
GPGMail -
GPG Keychain 1.3.3b2 1271 (028a4a2)
GPGServices 1.11 916 (872e77d)
MacGPG2 2.0.30-1b2 887- (4912d26)
GPGPreferences 2.0.2b3 927 (641418e)
Libmacgpg 0.7 782 (536bf51)
pinentry 0.9.7 4 (b75069d)</code>
</pre></div>rubentag:gpgtools.tenderapp.com,2011-11-04:Comment/425154382017-05-08T14:19:15Z2017-05-08T14:19:15ZGPGMail: 2.7b3 bugs in selecting keys for signing. possible emailcounter bug too<div><p>Hi Ruben,</p>
<p>welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.</p>
<p>Thanks for taking the time to report the issues you are seeing. The key selection bug is a known issue in the 10.12 beta of GPGMail.</p>
<p>We have a ticket for this problem. I connected this discussion with the existing ticket. That means, should this discussion get closed, it will be re-opened as soon as the ticket is closed. That way you'll stay in the loop and get notified as soon as we have news. Feel free to open a new discussions should you run into further problems or need assistance.</p>
<p>To workaround the key selection problem, I would suggest to disable the old key in GPG Keychain. That should result in GPGMail then using the correct key.</p>
<p>That issue is being worked on and we hope to be able to ship a fix with the next beta.</p>
<p>Can you experiment with the unread counters in smart mailboxes a bit more and see if you are able to find a pattern to reliably reproduce the problem and if it indeed is related to GPGMail.</p>
<p>Kind regards,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/425154382017-05-09T09:51:41Z2017-05-09T09:51:41ZGPGMail: 2.7b3 bugs in selecting keys for signing. possible emailcounter bug too<div><p>I've re enabled the bundle, but unfortunately it doesn't reproduce (yet). I'll keep an eye on it</p></div>rubentag:gpgtools.tenderapp.com,2011-11-04:Comment/425154382017-05-09T10:15:13Z2017-05-09T10:15:13ZGPGMail: 2.7b3 bugs in selecting keys for signing. possible emailcounter bug too<div><p>Sure. As mentioned the bug you where seeing with key selection is a known issue:<br>
If multiple private keys are available for the same email address, GPGMail currently picks one at random to sign the message. [#895]</p>
<p>We will keep you posted as soon as we have a fix.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/425154382017-08-25T21:01:21Z2017-08-25T21:01:21ZGPGMail: 2.7b3 bugs in selecting keys for signing. possible emailcounter bug too<div><p>Hi Ruben,</p>
<p>good news - the issue where key selection in the From: field was ignored when more than one secret key existed for the same email address, has been fixed. If you want to test the fix, please download our <a href="https://releases.gpgtools.org/nightlies/">latest nightly GPG Suite</a>. That page also has sig and SHA1 to verify the download.</p>
<p>Best, steve</p>
<p>Disclaimer: This is a development version which has not been thoroughly tested yet, so bugs or crashes are to be expected. Thanks for helping us test this fix.</p></div>Steve