Ubuntu
gnupg package

error message when a key has expired is not helpful

Bug #50675 reported by Robert Collins
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gnupg (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

I had a key uid expire recently. Trying to sign after that I saw:

$ echo foo | gpg --clearsign
gpg: no default secret key: unusable secret key
gpg: <email address hidden>: clearsign failed: unusable secret key

This was very unhelpful - something like "unusable secret key becuase the requested UID has expired" would have allowed me to debug this extremely quickly.

Revision history for this message
James Troup (elmo) wrote :

I've run into this several times previously and agree the error message is anything but helpful.

Changed in gnupg:
status: Unconfirmed → Confirmed
Revision history for this message
Daniel Leidert (dleidert-deactivatedaccount) wrote :

Use the --verbose or the --status-fd switch to get more information, what happens (both will report, that the key expired and following https://bugs.g10code.com/gnupg/issue714, --status-fd is designed to deliver meaningful information). I'll close this. Please reopen if you disagree.

Changed in gnupg (Ubuntu):
status: Confirmed → Invalid
Revision history for this message
Robert Collins (lifeless) wrote :

When the tool knows precisely what went wrong, the user shouldn't have to know to run with --verbose to get told it. The upstream bug you reference is about tools wrapping gnupg; this bug is about someone using gnupg directly.

Changed in gnupg (Ubuntu):
status: Invalid → Confirmed
Revision history for this message
Daniel Leidert (dleidert-deactivatedaccount) wrote :

Upstream suggests to parse --status-fd to get meaningful information. I further linked to a related report which also shows you, how upstream is thinking about this. So this won't change. And you *have* the possibility to get to know, what the issue is, by either using --verbose or --status-fd. As a user I would expect that at least --verbose tells more about the issue and that's the case here. So no problem IMHO.

JFTR: This won't get patched just for Debian/Ubuntu. If you are not satisfied with the design, you'll have to convince upstream to change it.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.