- For packet joining, we don't need to be able to parse the packet.
Hence, it is enough to look at the tag, which will cover e.g.
packets with unsupported versions.
- We once made the Autocrypt feature optional in order to squeeze a
sq update into a freeze without requiring new dependencies.
However, having features has a cost too (see e.g. #137), and we
generally try to keep the number of exposed features down. And,
the sequoia-autocrypt is one of the least demanding crates to
package.
- The function common::password::prompt_for_password is intended for
creating artifacts. For example, if a new key or subkey is
generated, or a message should be encrypted using a password. The
cost of mistyping is high, so we prompt twice.
- If the user mistypes, repeating the process allows for graceful
recovery, which seems to be in the best interest of the user.
- Make the function repeat the prompts if the user mistypes.
Rename it to better indicate intent. Adjust documentation.
- Fixes #145.
- When emitting revocation certificates, emit the revocation
signature with enough context so that it is a well-formed TPK,
i.e. include the primary key, the component to be revoked (if
revoking a user ID or subkey), and the revocation signature.
- Having a partial TPK instead of a bare revocation makes handling
it much easier, as it can be stored and transported like any
cert. It also gives the recipient of the certificate more
context, and simplifies merging it into a database of certs.
- Previously, there was a bug in sq where we would emit secret key
material when emitting revocation certificates. The reason for
that was that the certificate was first converted to a packet
stream, and then each packet serialized. In contrast, if a
Cert is serialized, no secrets are emitted unless the
programmer opts in. In a way, this is the more comprehensive fix
for the problem, as it leverages sequoia-openpgp's mechanisms to
protect secret key material.
- See #160.
- In debug builds, scan all emitted data for secret key material,
and panic if we find something. Manually goodlist all the places
where we expect to emit secret key material.
- When doing a userid, subkey, or third-party certificate
revocation, with the cert given to --certificate-file containing
secret key material, we previously emitted a revocation
certificate containing secret key material.
- This patch changes that in a straight-forward way that is easy to
backport to prior versions. A more comprehensive fix will follow.
- Fixes #160.
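
The commit messages above mention two checks that need only the packet tag: packet joining without parsing bodies, and the debug-build scan of emitted data for secret key material. The following is an added example of such a tag-only scan, not code from sq or sequoia-openpgp; it uses only the Rust standard library, the function names are hypothetical, and treating an unwalkable stream as suspect is an assumption of this example.

```rust
// Added example, not sequoia code: walk OpenPGP packet headers (RFC 4880,
// section 4.2) and collect the tags without parsing any packet body.
const SECRET_KEY: u8 = 5;
const SECRET_SUBKEY: u8 = 7;

fn be(b: &[u8]) -> usize { b.iter().fold(0, |a, &x| (a << 8) | x as usize) }

/// Tag of every packet in `data`, or None if a header is malformed/truncated.
fn packet_tags(data: &[u8]) -> Option<Vec<u8>> {
    let (mut tags, mut i) = (Vec::new(), 0usize);
    while i < data.len() {
        let ctb = data[i];
        i += 1;
        if ctb & 0x80 == 0 { return None; } // bit 7 is always set
        if ctb & 0x40 != 0 {
            tags.push(ctb & 0x3f); // new format: tag in bits 5-0
            loop {
                let o = *data.get(i)? as usize;
                let (len, hdr, partial) = match o {
                    0..=191 => (o, 1, false),
                    192..=223 => (((o - 192) << 8) + *data.get(i + 1)? as usize + 192, 2, false),
                    255 => (be(data.get(i + 1..i + 5)?), 5, false),
                    _ => (1usize << (o & 0x1f), 1, true), // partial body chunk
                };
                i = i.checked_add(hdr + len)?;
                if i > data.len() { return None; }
                if !partial { break; }
            }
        } else {
            tags.push((ctb >> 2) & 0x0f); // old format: tag in bits 5-2
            let n = match ctb & 3 { 0 => 1, 1 => 2, 2 => 4, _ => { i = data.len(); continue; } };
            let len = be(data.get(i..i + n)?);
            i = i.checked_add(n + len)?;
            if i > data.len() { return None; }
        }
    }
    Some(tags)
}

/// Fails closed: a stream that cannot be walked is reported as suspect.
fn contains_secret_key(data: &[u8]) -> bool {
    packet_tags(data).map_or(true, |t| t.iter().any(|&x| x == SECRET_KEY || x == SECRET_SUBKEY))
}

fn main() {
    // Constructed sample: public key (tag 6) followed by a secret key (tag 5).
    let leaked = [0x99, 0x00, 0x02, 0xAA, 0xBB, 0xC5, 0x03, 0x01, 0x02, 0x03];
    println!("tags={:?} leak={}", packet_tags(&leaked), contains_secret_key(&leaked));
}
```

Because only headers are read, a secret key packet with an unsupported version in its body is still flagged.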