[pkg-gnupg-maint] Bug#623539: GnuPG 2.0 and gnome-keyring

Werner Koch wk at gnupg.org
Tue Apr 14 11:53:11 UTC 2015

On Tue, 14 Apr 2015 12:14, joss at debian.org said:

> I’m pretty sure that gnome-keyring 3.14 in jessie supports smartcards
> correctly.

It is not about anything in gnome-keyring but about gnome-keyring
inhibiting gpg to to use smartcards, gpgsm and so on.  GKR has certain
components which replace existing services.  One of these components
replaces gpg-agent - or better said it mimics a small part of gpg-agent
(the "GET_PASSPHRASE" command).  Due to this "hijacking" of the real
gpg-agent (part of GnuPG) large parts of GnuPG do not work on systems
using gnome-keyring.

> As for iteration count calibration, this could probably patched in
> gnome-keyring; at least in a Debian-specific patch, but there’s no way

This was just an example.  The interface between gpg and gpg-agent
belongs to GnuPG and most parts are not published.  Or to say it in
other words: There is no defined interface.  Keep hands off.

gnome-keyring MUST NOT pretend to be gpg-agent.  Or if it does this you
need to add

  Breaks: gnupg2

Do you want a patch to remove gpg-agent from GKR?

> As for gpgsm, I’d be wary of dropping features used by e.g. evolution to
> support S/MIME before changing the default gnome-keyring configuration. 

gpgsm won't work if GKR is used and GKR hijacks gpg-agent.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the pkg-gnupg-maint mailing list