Bug#501085: seahorse creates all-capable PGP keys when it should create Sign-Only keys
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Oct 3 23:31:13 UTC 2008
Package: seahorse
Version: 2.22.3-2
Severity: normal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When creating a new OpenPGP key, seahorse sets all capabilities on the
key (Encrypt, Certify, Sign, Authenticate) even though it claims to
create Sign-Only keys.
To reproduce from a bare account:
* launch seahorse
* Key | Create New Key | PGP Key
* enter bogus name/address/comment data (i've been using:
"Test User (DO NOT USE!!!) <test at example.org>")
* expand "Advanced Key Options"
* set "Encryption Type" to "RSA (sign-only)"
* choose a password.
* examine the flags of the resulting keys:
gpg --with-colons --fixed-list-mode --list-keys 'Test User' | grep '^pub:' | cut -f12 -d:
If the key was really "sign-only", the output should be marked either
"sS" (Sign) or "scSC" (Sign and Certify).
instead, i get "escaESCA" from the above output.
This is bad, because it makes it difficult for users to separate the
various capabilities across keys and subkeys. Keeping capabilities
separated between keys is a useful "defense in layers" technique which
allows users to rotate subkeys at different intervals, and to transfer
more-sensitive keys into more secure storage.
--dkg
PS to read more about key capabilities:
http://tools.ietf.org/html/rfc4880#section-5.2.3.21
PPS from /usr/share/doc/gnupg/DETAILS.gz:
12. Field: Key capabilities:
e = encrypt
s = sign
c = certify
a = authentication
A key may have any combination of them in any order. In
addition to these letters, the primary key has uppercase
versions of the letters to denote the _usable_
capabilities of the entire key, and a potential letter 'D'
to indicate a disabled key.
- -- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (200, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages seahorse depends on:
ii gconf2 2.22.0-1 GNOME configuration database syste
ii gnupg 1.4.9-3 GNU privacy guard - a free PGP rep
ii libart-2.0-2 2.3.20-2 Library of functions for 2D graphi
ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit
ii libavahi-client3 0.6.22-3 Avahi client library
ii libavahi-common3 0.6.22-3 Avahi common library
ii libavahi-glib1 0.6.22-3 Avahi glib integration library
ii libbonobo2-0 2.22.0-1 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.22.0-1 The Bonobo UI library
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libcairo2 1.6.4-6 The Cairo 2D vector graphics libra
ii libdbus-1-3 1.2.1-3 simple interprocess messaging syst
ii libdbus-glib-1-2 0.76-1 simple interprocess messaging syst
ii libgcc1 1:4.3.1-9 GCC support library
ii libgconf2-4 2.22.0-1 GNOME configuration database syste
ii libglade2-0 1:2.6.2-1 library to load .glade files at ru
ii libglib2.0-0 2.16.5-1 The GLib library of C routines
ii libgnome-keyring0 2.22.3-1 GNOME keyring services library
ii libgnome2-0 2.20.1.1-1 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.20.1.1-1 A powerful object-oriented display
ii libgnomeui-0 2.20.1.1-1 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 1:2.22.0-5 GNOME Virtual File System (runtime
ii libgpg-error0 1.4-2 library for common error values an
ii libgpgme11 1.1.6-2 GPGME - GnuPG Made Easy
ii libgtk2.0-0 2.12.11-3 The GTK+ graphical user interface
ii libgtksourceview2.0-0 2.2.2-1 shared libraries for the GTK+ synt
ii libice6 2:1.0.4-1 X11 Inter-Client Exchange library
ii libldap-2.4-2 2.4.10-3 OpenLDAP libraries
ii libnautilus-extension1 2.20.0-7 libraries for nautilus components
ii libnotify1 [libnotify1-gtk 0.4.4-3 sends desktop notifications to a n
ii libnspr4-0d 4.7.1-4 NetScape Portable Runtime Library
ii liborbit2 1:2.14.13-0.1 libraries for ORBit2 - a CORBA ORB
ii libpanel-applet2-0 2.20.3-5 library for GNOME Panel applets
ii libpango1.0-0 1.20.5-2 Layout and rendering of internatio
ii libpopt0 1.14-4 lib for parsing cmdline parameters
ii libsm6 2:1.0.3-2 X11 Session Management library
ii libsoup2.4-1 2.4.1-1 an HTTP library implementation in
ii libxml2 2.6.32.dfsg-4 GNOME XML library
Versions of packages seahorse recommends:
ii openssh-client 1:5.1p1-2.1opensc1 secure shell client, an rlogin/rsh
seahorse suggests no packages.
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIVAwUBSOarPMzS7ZTSFznpAQJqxA//Z1vdLZNg4gF4qiEHDCNMdztXS2H8OlJ1
alFiivAAPECYrJFpwh1cO8J/7sDlyhsSTGe8luPzwECqLj2eqEqk7bfbYOW1EWp0
5WNh5y61EJPf/ifLD7p0knRO9E8gzma0OA1qtfqbG8vLSY+HuZH/4lp9a6/Tp2TX
IGBHkaGVeiXYz1UbWRXZRxKAgYm5u8ZXVzWOk/dqaGJQur+iIP0BNNRsLAgHefpI
WA+cANEM1mcBb/hiCF7GGO20ZqBJJlMt1uQtipuBGhUaBlpSAIwBgotEfFRvugPA
9vgRO1H3hzG0/0ESP/+LPiYQiKb609oEiL5LP6+nkZA5tDLKViVJeS5NVr99OOqe
C7t+6OZl2P7q6Mf5hBiFVbeJvHWNFeaNsAGdp4lhHUWacvz9wekLcJh2jcKndj2q
z7czF32DVzqAbQBnqVZ4nEDic8mSI/KafyZK0O1p2NPwsnHdsv58kYZ2CioatKe4
5BAbnfKzdqHGKUSZw11IizLhLM4qoh4J5Ig2CdpoaoaX+0bIBO2dbizFjZMiEWUq
rsSie+fHwS24WxXX4f+3gDI0TkvHwtnbjjUBYif1sVbBIeM1ezDNzuIOlmLl//6a
221HhZJoqM4LcBLOBLC30FM4vjckJRwMCZfOfh6V5eloFMTO08EbZBt3eXjDlQVt
+9kBF/RFe6Q=
=53Ha
-----END PGP SIGNATURE-----
More information about the pkg-gnome-maintainers
mailing list