Bug#501085: followup on seahorse gpg key interaction
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Oct 4 01:46:10 UTC 2008
From an strace of a running seahorse process (i used "strace -f -s4096
seahorse"), i get this output during the key creation of a key that is
ostensibly "RSA (Sign-Only)":
[...]
11214 execve("/usr/bin/gpg", ["gpg", "--batch", "--no-sk-comment", "--lc-messages", "C", "--lc-ctype", "C", "--status-fd", "16", "--no-tty", "--charset", "utf8", "--enable-progress-filter", "--display", "localhost:11.0", "--ttyname", "/dev/pts/10", "--ttytype", "rxvt", "--gen-key"], [/* 19 vars */]) = 0
[...]
11214 <... read resumed> "Key-Type: RSA\nKey-Length: 2048\nName-Comment: DO NOT USE!!!\nName-Email: test@example.org\nName-Real: Test User\nExpire-Date: 0\nPassphrase: abc\n"..., 8192) = 140
[...]
So the problem appears to be that the --batch --gen-key process is
being handed a script without a Key-Usage: instruction.
From /usr/share/doc/gnupg/DETAILS.gz:

    Key-Usage: <usage-list>
        Space or comma delimited list of key usage, allowed values are
        "encrypt", "sign", and "auth".  This is used to generate the
        key flags.  Please make sure that the algorithm is capable of
        this usage.  Note that OpenPGP requires that all primary keys
        are capable of certification, so no matter what usage is given
        here, the "cert" flag will be on.  If no Key-Usage is
        specified, all the allowed usages for that particular
        algorithm are used.

Hope this is helpful,
--dkg
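
An added example (not part of the original message, and not seahorse or GnuPG code): a small check that computes the usage flags a --batch --gen-key parameter script would produce under the DETAILS rule quoted above. The per-algorithm capability table and the function names are assumptions of this example; the first sample script is the one visible in the strace, the second adds the missing line.

```python
# Capabilities per algorithm: an assumption of this example, not read from gpg.
ALGO_CAPS = {
    "RSA": {"sign", "encrypt", "auth"},
    "DSA": {"sign", "auth"},
    "ELG-E": {"encrypt"},
}
ALLOWED = {"encrypt", "sign", "auth"}  # values DETAILS permits for Key-Usage


def parse_params(script):
    """Return {keyword: value}; keywords are lower-cased for lookup."""
    params = {}
    for line in script.splitlines():
        line = line.strip()
        # Skip blanks, comments and %control statements.
        if not line or line[0] in "#%":
            continue
        key, sep, value = line.partition(":")
        if sep:
            params[key.strip().lower()] = value.strip()
    return params


def effective_usage(script):
    """Usage flags the primary key ends up with, per the DETAILS text."""
    params = parse_params(script)
    caps = ALGO_CAPS[params["key-type"].upper()]
    if "key-usage" in params:
        requested = set(params["key-usage"].replace(",", " ").lower().split())
        if requested - ALLOWED:
            raise ValueError("unknown usage: %s" % sorted(requested - ALLOWED))
        if requested - caps:
            raise ValueError("algorithm cannot do: %s" % sorted(requested - caps))
        usage = requested
    else:
        # No Key-Usage line: every usage the algorithm allows is enabled.
        usage = set(caps)
    return usage | {"cert"}  # primary keys are always certification-capable


def violates_intent(script, intended):
    """Flags present on the key beyond 'cert' and the intended usages."""
    return effective_usage(script) - set(intended) - {"cert"}


# Script as seen in the strace (no Key-Usage line).
OBSERVED = ("Key-Type: RSA\nKey-Length: 2048\nName-Comment: DO NOT USE!!!\n"
            "Name-Email: test@example.org\nName-Real: Test User\n"
            "Expire-Date: 0\nPassphrase: abc\n")
# Constructed variant with the usage stated explicitly.
FIXED = OBSERVED.replace("Key-Length", "Key-Usage: sign\nKey-Length", 1)

if __name__ == "__main__":
    for name, s in (("observed", OBSERVED), ("fixed", FIXED)):
        print(name, sorted(effective_usage(s)), sorted(violates_intent(s, ["sign"])))
```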