Exporting public key still contains version information
Please see this post, which I found applicable, but didn't solve the issue:
http://support.gpgtools.org/discussions/problems/12904-remove-versi...
GPG Keychain Access version 1.1.3 (601) running on OS X 10.9.4
Whenever I copy a public key out of the Keychain Access app, it includes the version information, which I want to suppress. I have included the no-emit-version option in the gpg.conf file, but this does not seem to affect how Keychain Access behaves.
I successfully removed the comment, per the post above, in the GPG Preferences.
How can I suppress the version details? They appear in the armor public code block like the following:
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Support Staff 1 Posted by Steve on 19 Sep, 2014 12:50 PM
Hi Jarret,
could you please download and install our latest nightly build and see if the problem persists.
You can find sig and SHA1 on the GPGTools Nightlies page.
All the best, steve
Disclaimer: This is a development version which has not been thoroughly tested yet - bugs or crashes are to be expected. Thanks for helping us test.
2 Posted by Jarret on 21 Sep, 2014 05:55 PM
Steve,
Thanks, however, the GPG Keychain Access application is still including the version information.
I uninstalled and reinstalled and no change from what I can see when using the latest build.
Here is what I get at the top of both the exported public key and when I copy it to the clipboard:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG/MacGPG2 v2
The version is correctly NOT included when sending an email, but that was never my problem. :)
There is no option currently to allow you to turn off the version for the Keychain Access app from what I can see…
- Jarret
3 Posted by Hal on 22 Sep, 2014 12:33 PM
I also have this problem. Can't remove version from encrypted emails. This is pretty annoying, considering that encryption is supposed to protect our privacy. Please fix it soon!
Support Staff 4 Posted by Steve on 01 Oct, 2014 07:59 PM
Hi Jarret and Hal,
well version 2 isn't the version. The version you are using is 2.0.25 or 2.0.26 when we soon will update it.
You need to be using MacGPG1 or MacGPG2 and GPG Suite only comes with MacGPG2. So we don't think this information compromises your privacy. It allows deduction of two things: You are a mac user (which is easily told whenever you visit the internet). And then the fact that you are using MacGPG2, which all of our users are.
But maybe I'm misunderstanding something here?
Best, steve
5 Posted by Jarret on 01 Oct, 2014 11:42 PM
The assumption is that we are not looking for 'privacy' with this tool. Sharing ANY information can assist with eventual identification. Why do we have the option to remove the version from the message?
I would expect the version to be removed from both the key export and the message when the user opts for that.
Willing to help work a code patch, but have not had time yet...
- Jarret
Support Staff 6 Posted by Steve on 02 Oct, 2014 04:26 PM
Welcome to the club of people with limited time :)
We've created a ticket for this problem:
https://gpgtools.lighthouseapp.com/projects/66966-gpgpreferences/ti...
If this discussion gets closed, it will be re-opened as soon as the ticket is closed so you'll receive a notification. Feel free to open a new discussion should you run into further problems or need assistance.
Thanks for your feedback,
steve
7 Posted by Jarret on 04 Oct, 2014 06:18 PM
Steve,
I worked through the code today and found the issue is in the ActionController.m source for KeyChainAccess. I submitted a pull request for the developers which corrects this.
To set this correctly, you need to go into the gpg.conf settings file in your ~/.gnupg folder. In there you simply add “no-emit-version” in order to disable the version in the key export.
The KeyChainAccess source code was overwriting this setting and telling it to ALWAYS include the version, which was incorrect.
- Jarret
8 Posted by Jarret on 04 Oct, 2014 06:20 PM
Sorry, here is the link to the pull request in GitHub:
https://github.com/GPGTools/GPGKeychainAccess/pull/14
Support Staff 9 Posted by Steve on 10 Oct, 2014 05:03 PM
We're almost there. We'll look into the remaining problem soon.
Support Staff 10 Posted by Steve on 13 Oct, 2014 09:08 AM
Hi Jarret,
this ticket is now fixed. If you want to test the fix, please download our latest nightly.
You can find sig and SHA1 on the GPGTools Nightlies page.
Should the problem persist, please re-open this discussion. If you have other questions you can open a new one any time.
Best, steve
Disclaimer: This is a development version which has not been thoroughly tested yet, so bugs or crashes are to be expected. Thanks for helping us test this fix.
Steve closed this discussion on 13 Oct, 2014 09:08 AM.
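For exports made with a build that still emits the header discussed in this thread, the following added example (not part of the thread and not GPGTools code) checks an armored block for "Version:" and "Comment:" armor headers and removes them before the key is shared. Armor headers sit outside the base64 data and its checksum, so dropping them does not change the key; the function name `scrub_armor` is hypothetical and the sample block is constructed.

```python
import re

# Constructed sample: armor layout as in the thread; the base64 body and
# checksum are placeholders, not a real key.
SAMPLE = """-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: constructed example

mQENBFplaceholderplaceholder
=AAAA
-----END PGP PUBLIC KEY BLOCK-----
"""

BEGIN = re.compile(r"^-----BEGIN PGP ([A-Z ,0-9/]+)-----\s*$")
DROP = {"version", "comment"}  # informational headers only


def scrub_armor(text, drop=DROP):
    """Return (cleaned_text, removed_headers) for all armored blocks in text."""
    out, removed = [], []
    in_headers = False
    for line in text.splitlines():
        if BEGIN.match(line):
            in_headers = True          # armor headers follow the BEGIN line
            out.append(line)
            continue
        if in_headers:
            if line.strip() == "":
                in_headers = False     # a blank line ends the header section
                out.append(line)
                continue
            key, sep, _ = line.partition(":")
            if sep and key.strip().lower() in drop:
                removed.append(line.strip())
                continue
            if not sep:
                in_headers = False     # malformed block: treat as body data
            # Other headers (e.g. "Hash:" on a clearsigned message) are kept.
        out.append(line)
    return "\n".join(out) + "\n", removed


if __name__ == "__main__":
    cleaned, removed = scrub_armor(SAMPLE)
    print("removed:", removed)
    print(cleaned, end="")
```

Lines after the blank separator are never touched, so cleartext that happens to begin with "Version:" inside a signed message is preserved.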