md5 keys should be marked as unusable (e.g. when composing mail)
Reported by steve | March 31st, 2015 @ 03:15 PM | in 0.5 (closed)
Reproduce
- use a key with MD5 (weak key) as public key in GPG Keychain
- compose new mail in mail.app
- "To:" is the email from that key
Currently
- Mail.app shows enabled encryption button
- When sending the mail, an error is shown that encryption is not possible
Expected
- encrypt button should be disabled
- it is not good UX to compose a long mail only to discover you can not encrypt it upon trying to send it
Comments and changes to this ticket
-
Mento March 31st, 2015 @ 03:17 PM
- Assigned user set to “Mento”
- Milestone set to “0.6”
- Importance changed from “Low” to “Medium”
-
Support April 1st, 2015 @ 02:05 PM
- State changed from “new” to “fixed”
(from [4b9285685ad8de2464827485047130392b597b1c]) Use KeyID if the fingerprint is nulled.
[#140 state:fixed assigned:mento] https://github.com/GPGTools/Libmacgpg/commit/4b9285685ad8de24648274...
-
steve April 1st, 2015 @ 02:23 PM
- State changed from “fixed” to “verified”
confirming, that now the encrypt button is greyed out for email addresses for which a key using MD5 exists.
-
steve June 18th, 2015 @ 12:34 PM
- Milestone changed from “0.6” to “0.5”
-
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Luke Le
steve