[Pkg-haskell-maintainers] Bug#764741: hopenpgp-tools: hokey lint complains about the lack of preferred hash algorithms on my revoked user IDs

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Oct 10 18:03:24 UTC 2014


Package: hopenpgp-tools
Version: 0.12-1
Severity: normal

0 dkg at alice:~/tmp$ gpg --export 0x0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 | hokey lint
hokey (hopenpgp-tools) 0.12
Copyright (C) 2012-2014  Clint Adams
hokey comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions.

Key has potential validity: good
Key has fingerprint: 0EE5 BE97 9282 D80B 9F75  40F1 CCD2 ED94 D217 39E9
Checking to see if key is OpenPGPv4: V4
Checking to see if key is RSA or DSA (>= 2048-bit): RSA 4096
Checking user-ID- and user-attribute-related items:
  Daniel Kahn Gillmor <dkg at fifthhorseman.net>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      [SHA512,SHA384,SHA256,SHA224]
    Key expiration times: 
      [7y8m25d56473s = Thu Feb 26 17:15:31 UTC 2015]
  Daniel Kahn Gillmor <dkg at openflows.com>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      [SHA512,SHA384,SHA256,SHA224]
    Key expiration times: 
      [7y8m25d56473s = Thu Feb 26 17:15:31 UTC 2015]
  Daniel Kahn Gillmor <dkg at astro.columbia.edu>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      []
    Key expiration times: 
      []
  Daniel Kahn Gillmor <dkg-debian.org at fifthhorseman.net>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      []
    Key expiration times: 
      []
  Daniel Kahn Gillmor <dkg at debian.org>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      [SHA512,SHA384,SHA256,SHA224]
    Key expiration times: 
      [7y8m25d56473s = Thu Feb 26 17:15:31 UTC 2015]
  Daniel Kahn Gillmor <dkg at aclu.org>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      [SHA512,SHA384,SHA256,SHA224]
    Key expiration times: 
      [7y8m25d56473s = Thu Feb 26 17:15:31 UTC 2015]
  <uat:[jpeg:3515:943275a862bb]>:
    Self-sig hash algorithms: [SHA512]
    Preferred hash algorithms: 
      [SHA512,SHA384,SHA256,SHA224]
    Key expiration times: 
      [7y8m25d56473s = Thu Feb 26 17:15:31 UTC 2015]
0 dkg at alice:~/tmp$ 

You probably can't see it, but the [] bits above (the preferred hash
algorithms and key expiration times for my two revoked keyids) are
actually red (it's ok, some of my best friends are colorblind).

I think this means that hokey lint doesn't like the fact that my
revoked user IDs have bad expiration times or bad hash algo
preferences.

But this is silly -- if the user ID is verifiably revoked, hokey lint
shouldn't care about these things at all.  It should either not list
the revoked user ID at all, or it could say something like:

 Daniel Kahn Gillmor <dkg-debian.org at fifthhorseman.net>: [revoked]
  Revoked: [Tue Jun  2 13:45:53 EDT 2009]
    Revoked reason: [User ID is no longer valid]
    Revocation comment: [I still receive mail directed to dkg-debian.org at fifthhorseman.net, but I no longer actively use this alias.]

(i don't know if you want to include the entire arbitrary comment)

You can see the list of revocation reasons here:

https://tools.ietf.org/html/rfc4880#section-5.2.3.23

I don't think any of these parts need to be red.

  --dkg

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages hopenpgp-tools depends on:
ii  libbz2-1.0   1.0.6-7
ii  libc6        2.19-11
ii  libffi6      3.1-2
ii  libgmp10     2:6.0.0+dfsg-6
ii  libnettle4   2.7.1-3
ii  libyaml-0-2  0.1.6-2
ii  zlib1g       1:1.2.8.dfsg-2

hopenpgp-tools recommends no packages.

hopenpgp-tools suggests no packages.

-- debconf-show failed
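
One way a linter could render a revoked user ID in the format proposed above, instead of running the preference and expiration checks on it. This is an added example, not part of the original report and not hokey's code. The function names and the sample bytes are constructed for illustration, and it assumes the caller has already verified the certification revocation signature.

```python
from datetime import datetime, timezone

# Reason-for-revocation codes, RFC 4880 section 5.2.3.23
REASONS = {0: "No reason specified", 1: "Key is superseded",
           2: "Key material has been compromised",
           3: "Key is retired and no longer used",
           32: "User ID information is no longer valid"}

def subpackets(area):
    """Yield (type, body) for each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            second = int.from_bytes(area[i + 1:i + 2], "big")
            length, i = ((first - 192) << 8) + second + 192, i + 2
        else:                                # five-octet length
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("malformed subpacket area")
        yield area[i] & 0x7F, area[i + 1:i + length]  # mask the critical bit
        i += length

def clean(text, limit=80):
    """The comment is arbitrary signer-supplied text: drop control
    characters (terminal escapes) and cap the length before display."""
    text = "".join(c for c in text if c.isprintable())
    return text if len(text) <= limit else text[:limit] + "..."

def revoked_uid_lines(uid, hashed_area):
    """Lint lines for a revoked user ID. Assumes the caller has already
    verified the certification revocation signature cryptographically."""
    when, reason, comment = "unknown", "unknown", ""
    for typ, body in subpackets(hashed_area):
        if typ == 2 and len(body) == 4:      # signature creation time
            ts = datetime.fromtimestamp(int.from_bytes(body, "big"), timezone.utc)
            when = ts.strftime("%Y-%m-%d %H:%M:%S UTC")
        elif typ == 29 and body:             # reason for revocation
            reason = REASONS.get(body[0], f"code {body[0]}")
            comment = clean(body[1:].decode("utf-8", "replace"))
    return [f"{uid}: [revoked]", f"  Revoked: [{when}]",
            f"    Revoked reason: [{reason}]",
            f"    Revocation comment: [{comment}]"]

# Constructed sample: creation time, then code 32 with a comment holding an ESC byte
COMMENT = b"old \x1b[31malias"
SAMPLE = (bytes([5, 2]) + (1243964753).to_bytes(4, "big")
          + bytes([len(COMMENT) + 2, 29, 32]) + COMMENT)
```

The ESC byte in the constructed comment is dropped before display, so the free-text comment cannot recolor or rewrite the linter's terminal output.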


