- The function common::password::prompt_for_password is intended for
creating artifacts. For example, if a new key or subkey is
generated, or a message should be encrypted using a password. The
cost of mistyping is high, so we prompt twice.
- If the user mistypes, repeating the process allows for graceful
recovery, which seems to be in the best interest of the user.
- Make the function repeat the prompts if the user mistypes.
Rename it to better indicate intent. Adjust documentation.
- Fixes #145.
- When emitting revocation certificates, emit the revocation
signature with enough context so that it is a well-formed TPK,
i.e. include the primary key, the component to be revoked (if
revoking a user ID or subkey), and the revocation signature.
- Having a partial TPK instead of a bare revocation makes handling
it much easier, as it can be stored and transported like any
cert. It also gives the recipient of the certificate more
context, and simplifies merging it into a database of certs.
- Previously, there was a bug in sq where we would emit secret key
material when emitting revocation certificates. The reason for
that was that the certificate was first converted to a packet
stream, and then each packet serialized. In contrast, if a
Cert is serialized, no secrets are emitted unless the
programmer opts in. In a way, this is the more comprehensive fix
for the problem, as it leverages sequoia-openpgp's mechanisms to
protect secret key material.
- See #160.
- In debug builds, scan all emitted data for secret key material,
and panic if we find something. Manually goodlist all the places
where we expect to emit secret key material.
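The kind of check that commit message describes can be sketched as a scan of the emitted bytes for OpenPGP Secret-Key (tag 5) and Secret-Subkey (tag 7) packet headers, using the RFC 4880 packet framing. This is an added example, not sq's or sequoia-openpgp's code; the function name `secret_packet_tags` is hypothetical, and it assumes binary (non-armored) output and inspects top-level packets only.

```rust
/// Returns the tags of all secret key packets found at the top level of a
/// binary OpenPGP stream. Errors on anything it cannot frame, so a caller
/// (for example a debug-build guard) can fail closed.
fn secret_packet_tags(mut data: &[u8]) -> Result<Vec<u8>, String> {
    let mut found = Vec::new();
    while let Some((&ctb, rest)) = data.split_first() {
        if ctb & 0x80 == 0 {
            return Err(format!("not a packet header: {ctb:#04x}"));
        }
        // (tag, length octets consumed, body length)
        let (tag, hdr, len) = if ctb & 0x40 != 0 {
            // New format: tag in the low six bits.
            let tag = ctb & 0x3f;
            match rest {
                [a, ..] if *a < 192 => (tag, 1, *a as usize),
                [a, b, ..] if *a < 224 => {
                    (tag, 2, ((*a as usize - 192) << 8) + *b as usize + 192)
                }
                [255, a, b, c, d, ..] => {
                    (tag, 5, u32::from_be_bytes([*a, *b, *c, *d]) as usize)
                }
                // Partial body lengths are not valid for key packets.
                _ => return Err("partial or truncated length".into()),
            }
        } else {
            // Old format: tag in bits 5..2, length type in bits 1..0.
            let tag = (ctb >> 2) & 0x0f;
            match (ctb & 3, rest) {
                (0, [a, ..]) => (tag, 1, *a as usize),
                (1, [a, b, ..]) => (tag, 2, u16::from_be_bytes([*a, *b]) as usize),
                (2, [a, b, c, d, ..]) => {
                    (tag, 4, u32::from_be_bytes([*a, *b, *c, *d]) as usize)
                }
                (3, _) => (tag, 0, rest.len()), // indeterminate: runs to the end
                _ => return Err("truncated length".into()),
            }
        };
        if tag == 5 || tag == 7 {
            found.push(tag);
        }
        data = rest.get(hdr + len..).ok_or("packet body truncated")?;
    }
    Ok(found)
}

fn main() {
    // Constructed sample: new-format Signature packet (tag 2, 3 dummy bytes)
    // followed by an old-format Secret-Key packet (tag 5, 2 dummy bytes).
    let stream = [0xc2, 3, 0, 0, 0, 0x94, 2, 0, 0];
    println!("{:?}", secret_packet_tags(&stream));
}
```

A guard built on this would treat both a non-empty result and an `Err` as a reason to stop, unless the call site is one of the places expected to emit secrets.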
- When doing a userid, subkey, or third-party certificate
revocation, with the cert given to --certificate-file containing
secret key material, we previously emitted a revocation
certificate containing secret key material.
- This patch changes that in a straight-forward way that is easy to
backport to prior versions. A more comprehensive fix will follow.
- Fixes #160.
- If the default set of keyservers is used, do not emit error
messages unless --verbose is given or the search returned no cert
at all.
- If no cert was located, signal an error.
- See #156.
- They may contain special characters and trick the user. The
current way to detect dodgy characters and escape them may not be
the best, but it is better than the status quo, and we now encode
intent.
- By using more than one keyserver, we increase the chance of
successfully finding certificates and updates. Further, multipath
discovery increases robustness in the face of an attacker or
censor.
- We use keys.openpgp.org, the Proton key server, the Mailvelope
keyserver, and the Ubuntu keyserver.