GNU bug report logs - #13551
24.3.50; epa-mail-encrypt chooses wrong key

Message received at 13551 <at> debbugs.gnu.org:

Received: (at 13551) by debbugs.gnu.org; 5 Oct 2019 13:18:54 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Oct 05 09:18:54 2019
Received: from localhost ([127.0.0.1]:43916 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iGjxW-0003sz-Hc
	for submit <at> debbugs.gnu.org; Sat, 05 Oct 2019 09:18:54 -0400
Received: from eggs.gnu.org ([209.51.188.92]:48597)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rms@HIDDEN>) id 1iGjxU-0003sl-PZ
 for 13551 <at> debbugs.gnu.org; Sat, 05 Oct 2019 09:18:53 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:39381)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@HIDDEN>)
 id 1iGjxP-00051E-LN; Sat, 05 Oct 2019 09:18:47 -0400
Received: from rms by fencepost.gnu.org with local (Exim 4.82)
 (envelope-from <rms@HIDDEN>)
 id 1iGjxG-0004Xi-NI; Sat, 05 Oct 2019 09:18:40 -0400
Content-Type: text/plain; charset=Utf-8
From: Richard Stallman <rms@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
In-Reply-To: <87d0fkursu.fsf@HIDDEN> (message from Lars Ingebrigtsen on Sat, 
 28 Sep 2019 21:47:13 +0200)
Subject: Re: bug#13551: acknowledged by developer (control message for bug
 #13551)
References: <87k19z0xut.fsf@HIDDEN> <E1Tyqsx-0005dB-R9@HIDDEN>
 <handler.13551.C.156925686512740.notifdonectrl.0 <at> debbugs.gnu.org>
 <E1iDo3e-000599-Os@HIDDEN> <87pnjliuqh.fsf@HIDDEN>
 <E1iE1av-0002jt-HP@HIDDEN> <87d0fkursu.fsf@HIDDEN>
Message-Id: <E1iGjxG-0004Xi-NI@HIDDEN>
Date: Sat, 05 Oct 2019 09:18:38 -0400
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 13551
Cc: 13551 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: rms@HIDDEN
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > Emacs cannot possibly know that when you send to "arthur", that that
  > email will eventually end up going to "arthur@HIDDEN".

Sure it can.  It could get the domain from mail-host-address.  We
could also create another variable specifically to control this.

The current behavior, as you described it, is not much better
security.  It is unpredictable in practice for the user.  However,
I am not sure how much security issue there is in sending A a message
encrypted for B.  Nobody can decrypt that message.

I have seen reason to think that the current behavior doesn't match
what you described.  I entered "To: rms" and encrypted the message.
It recognized that was me, rms@HIDDEN, and encrypted with my key.

It did this even though my key does not list 'rms' with no host name as
an address (as far as I can tell).

gpg --edit-key rms@HIDDEN gave me this:

    pub  4096R/2C6464AF2A8E4C02  created: 2013-07-20  expires: never       usage: SC  
	 ...
    sub ...

    [ultimate] (1). Richard Stallman <rms@HIDDEN>

If the key had another address, wouldn't it be listed there?

In addition, after I run the encryption command,
plain 'rms' has been edited into 'rms@HIDDEN'.  How does it know
to make that change?


-- 
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

Message received at 13551 <at> debbugs.gnu.org:

Received: (at 13551) by debbugs.gnu.org; 28 Sep 2019 19:47:21 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Sep 28 15:47:21 2019
Received: from localhost ([127.0.0.1]:51300 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iEIgb-0006Dj-4K
	for submit <at> debbugs.gnu.org; Sat, 28 Sep 2019 15:47:21 -0400
Received: from quimby.gnus.org ([80.91.231.51]:35550)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1iEIgX-0006DR-7M
 for 13551 <at> debbugs.gnu.org; Sat, 28 Sep 2019 15:47:17 -0400
Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie)
 by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.89) (envelope-from <larsi@HIDDEN>)
 id 1iEIgT-0006JD-Es; Sat, 28 Sep 2019 21:47:16 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Richard Stallman <rms@HIDDEN>
Subject: Re: bug#13551: acknowledged by developer (control message for bug
 #13551)
References: <87k19z0xut.fsf@HIDDEN> <E1Tyqsx-0005dB-R9@HIDDEN>
 <handler.13551.C.156925686512740.notifdonectrl.0 <at> debbugs.gnu.org>
 <E1iDo3e-000599-Os@HIDDEN> <87pnjliuqh.fsf@HIDDEN>
 <E1iE1av-0002jt-HP@HIDDEN>
Date: Sat, 28 Sep 2019 21:47:13 +0200
In-Reply-To: <E1iE1av-0002jt-HP@HIDDEN> (Richard Stallman's message
 of "Fri, 27 Sep 2019 21:32:21 -0400")
Message-ID: <87d0fkursu.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 @@CONTACT_ADDRESS@@ for details.
 Content preview:  Richard Stallman <rms@HIDDEN> writes: > > I'm not sure I
 understand. I think it does do something completely > > predictable -- choose
 the key ring entry that matches what's in your > > "From" header. > > We
 seem to be failing to commnuic [...] 
 Content analysis details:   (-2.9 points, 5.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.0 ALL_TRUSTED            Passed through trusted hosts only via SMTP
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
 [score: 0.0000]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 13551
Cc: 13551 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Richard Stallman <rms@HIDDEN> writes:

>   > I'm not sure I understand.  I think it does do something completely
>   > predictable -- choose the key ring entry that matches what's in your
>   > "From" header.
>
> We seem to be failing to commnuicate.  My From header always says
> "rms@HIDDEN", but we're talking about the address I am sending to --
> in the To field.  Is that what you mean?

Yes; sorry.

> When I send mail to just 'arthur', that is equivalent by default to
> 'arthur@HIDDEN'.  I often omit '@gnu.org' knowing this.
>
> Encryption should do the same thing: treat 'arthur' as short for
> 'arthur@HIDDEN'.  That way it will always encrypt for the person that
> the mail is going to.

Emacs cannot possibly know that when you send to "arthur", that that
email will eventually end up going to "arthur@HIDDEN".  It could guess,
but guessing in an security context is a no go.

So if you want to send somebody secure messages, you have to tell Emacs
what address the mail is going to: You can't just say "arthur".

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Message received at 13551 <at> debbugs.gnu.org:

Received: (at 13551) by debbugs.gnu.org; 28 Sep 2019 01:32:36 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 27 21:32:36 2019
Received: from localhost ([127.0.0.1]:48867 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iE1b6-0003yp-Pk
	for submit <at> debbugs.gnu.org; Fri, 27 Sep 2019 21:32:36 -0400
Received: from eggs.gnu.org ([209.51.188.92]:51176)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rms@HIDDEN>) id 1iE1b4-0003yR-EL
 for 13551 <at> debbugs.gnu.org; Fri, 27 Sep 2019 21:32:31 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54174)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@HIDDEN>)
 id 1iE1ax-00086Q-PI; Fri, 27 Sep 2019 21:32:23 -0400
Received: from rms by fencepost.gnu.org with local (Exim 4.82)
 (envelope-from <rms@HIDDEN>)
 id 1iE1av-0002jt-HP; Fri, 27 Sep 2019 21:32:21 -0400
Content-Type: text/plain; charset=Utf-8
From: Richard Stallman <rms@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
In-Reply-To: <87pnjliuqh.fsf@HIDDEN> (message from Lars Ingebrigtsen on Fri, 
 27 Sep 2019 18:12:22 +0200)
Subject: Re: bug#13551: acknowledged by developer (control message for bug
 #13551)
References: <87k19z0xut.fsf@HIDDEN> <E1Tyqsx-0005dB-R9@HIDDEN>
 <handler.13551.C.156925686512740.notifdonectrl.0 <at> debbugs.gnu.org>
 <E1iDo3e-000599-Os@HIDDEN> <87pnjliuqh.fsf@HIDDEN>
Message-Id: <E1iE1av-0002jt-HP@HIDDEN>
Date: Fri, 27 Sep 2019 21:32:21 -0400
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 13551
Cc: 13551 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: rms@HIDDEN
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > I'm not sure I understand.  I think it does do something completely
  > predictable -- choose the key ring entry that matches what's in your
  > "From" header.

We seem to be failing to commnuicate.  My From header always says
"rms@HIDDEN", but we're talking about the address I am sending to --
in the To field.  Is that what you mean?

The behavior that you describe is totally unpredictable for me because
it depends on data I don't know, and have no other reason to know.
When foo@HIDDEN sends me a key, I don't notice what other addresses
that key covers.  There is no reason to.  And those alternate short
addresses are not listed by epa-list-keys.

If I have a key for 'arthur@HIDDEN' and another for
'arthur@HIDDEN', it is a nuisice for me to check which one, if
either, lists just 'arthur' as an address.  Especially since when I
send mail to 'arthur@HIDDEN' I may not even remember I know
'arthur@HIDDEN'.

When I send mail to just 'arthur', that is equivalent by default to
'arthur@HIDDEN'.  I often omit '@gnu.org' knowing this.

Encryption should do the same thing: treat 'arthur' as short for
'arthur@HIDDEN'.  That way it will always encrypt for the person that
the mail is going to.

-- 
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

Message received at 13551 <at> debbugs.gnu.org:

Received: (at 13551) by debbugs.gnu.org; 27 Sep 2019 16:12:29 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 27 12:12:29 2019
Received: from localhost ([127.0.0.1]:48533 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iDsr6-0002pc-Pt
	for submit <at> debbugs.gnu.org; Fri, 27 Sep 2019 12:12:29 -0400
Received: from quimby.gnus.org ([80.91.231.51]:34832)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1iDsr5-0002pQ-6b
 for 13551 <at> debbugs.gnu.org; Fri, 27 Sep 2019 12:12:27 -0400
Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie)
 by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.89) (envelope-from <larsi@HIDDEN>)
 id 1iDsr0-0003f9-TS; Fri, 27 Sep 2019 18:12:25 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Richard Stallman <rms@HIDDEN>
Subject: Re: bug#13551: acknowledged by developer (control message for bug
 #13551)
References: <87k19z0xut.fsf@HIDDEN> <E1Tyqsx-0005dB-R9@HIDDEN>
 <handler.13551.C.156925686512740.notifdonectrl.0 <at> debbugs.gnu.org>
 <E1iDo3e-000599-Os@HIDDEN>
Date: Fri, 27 Sep 2019 18:12:22 +0200
In-Reply-To: <E1iDo3e-000599-Os@HIDDEN> (Richard Stallman's message
 of "Fri, 27 Sep 2019 07:05:06 -0400")
Message-ID: <87pnjliuqh.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 @@CONTACT_ADDRESS@@ for details.
 Content preview: Richard Stallman <rms@HIDDEN> writes: > [[[ To any NSA and
 FBI agents reading my email: please consider ]]] > [[[ whether defending
 the US Constitution against all enemies, ]]] > [[[ foreign or domestic,
 requires you to follow Snowden's e [...] 
 Content analysis details:   (-2.9 points, 5.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.0 ALL_TRUSTED            Passed through trusted hosts only via SMTP
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
 [score: 0.0000]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 13551
Cc: 13551 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Richard Stallman <rms@HIDDEN> writes:

> [[[ To any NSA and FBI agents reading my email: please consider    ]]]
> [[[ whether defending the US Constitution against all enemies,     ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>
>   > I don't think any security-related software should be guessing based on
>   > incomplete email addresses.  As far as I can tell, it requires a
>   > complete match, which I guess means you have a key for "martin" (without
>   > a domain name) in your key ring.
>
> That is totally unpredictable _for the user sending a reply_.
> There are various possible ok things to do, but not that.
>
> Please make this case do something predictable.

I'm not sure I understand.  I think it does do something completely
predictable -- choose the key ring entry that matches what's in your
"From" header.  No guessing involved.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Message received at 13551 <at> debbugs.gnu.org:

Received: (at 13551) by debbugs.gnu.org; 27 Sep 2019 12:58:51 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 27 08:58:51 2019
Received: from localhost ([127.0.0.1]:45962 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iDppj-00041W-9h
	for submit <at> debbugs.gnu.org; Fri, 27 Sep 2019 08:58:51 -0400
Received: from eggs.gnu.org ([209.51.188.92]:45260)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rms@HIDDEN>) id 1iDppb-00040x-6s
 for 13551 <at> debbugs.gnu.org; Fri, 27 Sep 2019 08:58:44 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:36083)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@HIDDEN>)
 id 1iDppU-0002cQ-O5
 for 13551 <at> debbugs.gnu.org; Fri, 27 Sep 2019 08:58:36 -0400
Received: from rms by fencepost.gnu.org with local (Exim 4.82)
 (envelope-from <rms@HIDDEN>)
 id 1iDo3e-000599-Os; Fri, 27 Sep 2019 07:05:07 -0400
Content-Type: text/plain; charset=Utf-8
From: Richard Stallman <rms@HIDDEN>
To: 13551 <at> debbugs.gnu.org
In-Reply-To: <handler.13551.C.156925686512740.notifdonectrl.0 <at> debbugs.gnu.org>
 (help-debbugs@HIDDEN)
Subject: Re: bug#13551 acknowledged by developer
 (control message for bug #13551)
References: <87k19z0xut.fsf@HIDDEN> <E1Tyqsx-0005dB-R9@HIDDEN>
 <handler.13551.C.156925686512740.notifdonectrl.0 <at> debbugs.gnu.org>
Message-Id: <E1iDo3e-000599-Os@HIDDEN>
Date: Fri, 27 Sep 2019 07:05:06 -0400
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 13551
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: rms@HIDDEN
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > I don't think any security-related software should be guessing based on
  > incomplete email addresses.  As far as I can tell, it requires a
  > complete match, which I guess means you have a key for "martin" (without
  > a domain name) in your key ring.

That is totally unpredictable _for the user sending a reply_.
There are various possible ok things to do, but not that.

Please make this case do something predictable.

-- 
Dr Richard Stallman
Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

Message received at 13551 <at> debbugs.gnu.org:

Received: (at 13551) by debbugs.gnu.org; 23 Sep 2019 16:40:55 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Sep 23 12:40:55 2019
Received: from localhost ([127.0.0.1]:36923 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iCROQ-0003IN-Vv
	for submit <at> debbugs.gnu.org; Mon, 23 Sep 2019 12:40:55 -0400
Received: from quimby.gnus.org ([80.91.231.51]:40206)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1iCROP-0003IE-PN
 for 13551 <at> debbugs.gnu.org; Mon, 23 Sep 2019 12:40:54 -0400
Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie)
 by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.89) (envelope-from <larsi@HIDDEN>)
 id 1iCROL-0000tR-Vs; Mon, 23 Sep 2019 18:40:52 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Richard Stallman <rms@HIDDEN>
Subject: Re: bug#13551: 24.3.50; epa-mail-encrypt chooses wrong key
References: <E1Tyqsx-0005dB-R9@HIDDEN>
Date: Mon, 23 Sep 2019 18:40:49 +0200
In-Reply-To: <E1Tyqsx-0005dB-R9@HIDDEN> (Richard Stallman's message
 of "Fri, 25 Jan 2013 16:32:31 -0500")
Message-ID: <87lfuf0xv2.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 @@CONTACT_ADDRESS@@ for details.
 Content preview: Richard Stallman <rms@HIDDEN> writes: > I have a public key
 for martin@HIDDEN and a key for another martin at > another host. When I
 encrypt a message to `martin' -- which means, in > my case, `martin@HIDDEN'
 -- epa-mail-encrypt picks t [...] 
 Content analysis details:   (-2.9 points, 5.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.0 ALL_TRUSTED            Passed through trusted hosts only via SMTP
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
 [score: 0.0000]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 13551
Cc: 13551 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Richard Stallman <rms@HIDDEN> writes:

> I have a public key for martin@HIDDEN and a key for another martin at
> another host.  When I encrypt a message to `martin' -- which means, in
> my case, `martin@HIDDEN' -- epa-mail-encrypt picks the other martin.
>
> epa needs to know the default mail hostname so as to pick the correct
> Martin.  It can get that from the value of user-mail-address, and
> maybe have other ways to specify it.

I don't think any security-related software should be guessing based on
incomplete email addresses.  As far as I can tell, it requires a
complete match, which I guess means you have a key for "martin" (without
a domain name) in your key ring.

Choosing this is the right thing to do, I think, so I'm closing this bug
report.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Message received at submit <at> debbugs.gnu.org:

Received: (at submit) by debbugs.gnu.org; 25 Jan 2013 21:32:57 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Jan 25 16:32:57 2013
Received: from localhost ([127.0.0.1]:49620 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1TyqtM-0003Ny-LU
	for submit <at> debbugs.gnu.org; Fri, 25 Jan 2013 16:32:57 -0500
Received: from eggs.gnu.org ([208.118.235.92]:58579)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <rms@HIDDEN>) id 1TyqtJ-0003Nr-Fw
	for submit <at> debbugs.gnu.org; Fri, 25 Jan 2013 16:32:54 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rms@HIDDEN>) id 1Tyqt4-00008g-L4
	for submit <at> debbugs.gnu.org; Fri, 25 Jan 2013 16:32:43 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-101.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD,
	USER_IN_WHITELIST autolearn=unavailable version=3.3.2
Received: from lists.gnu.org ([208.118.235.17]:34915)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@HIDDEN>)
	id 1Tyqt4-00008X-HY
	for submit <at> debbugs.gnu.org; Fri, 25 Jan 2013 16:32:38 -0500
Received: from eggs.gnu.org ([208.118.235.92]:41667)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@HIDDEN>)
	id 1Tyqt1-0000Eh-BC
	for bug-gnu-emacs@HIDDEN; Fri, 25 Jan 2013 16:32:38 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rms@HIDDEN>) id 1Tyqsy-00006k-JA
	for bug-gnu-emacs@HIDDEN; Fri, 25 Jan 2013 16:32:35 -0500
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:51426)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@HIDDEN>)
	id 1Tyqsy-00006e-G0
	for bug-gnu-emacs@HIDDEN; Fri, 25 Jan 2013 16:32:32 -0500
Received: from rms by fencepost.gnu.org with local (Exim 4.71)
	(envelope-from <rms@HIDDEN>)
	id 1Tyqsx-0005dB-R9; Fri, 25 Jan 2013 16:32:31 -0500
Date: Fri, 25 Jan 2013 16:32:31 -0500
Message-Id: <E1Tyqsx-0005dB-R9@HIDDEN>
Content-Type: text/plain; charset=ISO-8859-15
From: Richard Stallman <rms@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 24.3.50; epa-mail-encrypt chooses wrong key
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
	(bad octet value).
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 208.118.235.17
X-Spam-Score: -6.9 (------)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.13
Precedence: list
Reply-To: rms@HIDDEN
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -6.9 (------)


I have a public key for martin@HIDDEN and a key for another martin at
another host.  When I encrypt a message to `martin' -- which means, in
my case, `martin@HIDDEN' -- epa-mail-encrypt picks the other martin.

epa needs to know the default mail hostname so as to pick the correct
Martin.  It can get that from the value of user-mail-address, and
maybe have other ways to specify it.




In GNU Emacs 24.3.50.1 (mips64el-unknown-linux-gnu, GTK+ Version 2.12.12)
 of 2013-01-03 on chiefs-gnewsense
Bzr revision: 111408 rgm@HIDDEN
System Description:	Debian GNU/Linux 6.0.6 (squeeze)

Configured using:
 `configure CFLAGS=-O0 -g --with-gif=no --with-tiff=no --no-create
 --no-recursion'

Important settings:
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

Major mode: Mail

Minor modes in effect:
  gpm-mouse-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t
  abbrev-mode: t

Recent input:
C-x b o u t g TAB RET g e ESC x e p a d RET y C-n C-n 
C-n C-p C-e @ g n u . o r g ESC x e p a SPC m a i l 
SPC e n c TAB RET y y y C-x C-s C-c C-s y C-x b o u 
t g TAB RET g C-p e C-x b o u t - 2 9 RET C-_ ESC DEL 
ESC DEL DEL ESC x e p a SPC m a i l SPC e n TAB RET 
y y C-x 4 b RET C-x o C-x k RET y e s RET ESC x r e 
p o r t SPC e m a c s SPC b u g RET

Recent messages:
Saving file /home/rms/outgoing/out-29...
Wrote /home/rms/outgoing/out-29
Send buffer contents as mail message? (y or n)  y
Sending...
Wrote /home/rms/outgoing/out-30
Sending...done
Undo!
No public key for rms-response-1w@HIDDEN; skip it? (y or n)  y
No public key for rms-outgoing@HIDDEN; skip it? (y or n)  y
Encrypting...done

Load-path shadows:
None found.

Features:
(shadow emacsbug mailalias epa-mail epa derived epg epg-config rmailmm
message sendmail format-spec rfc822 mml easymenu mml-sec mm-decode
mm-bodies mm-encode mailabbrev gmm-utils mailheader mail-parse rfc2231
dired t-mouse time-date rmailedit rmail rfc2047 rfc2045 ietf-drums
mm-util mail-prsvr mail-utils paren cus-start cus-load nadvice advice
help-fns tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win
x-dnd tool-bar dnd fontset image regexp-opt fringe tabulated-list
newcomment lisp-mode register page menu-bar rfn-eshadow timer select
scroll-bar mouse jit-lock font-lock syntax facemenu font-core frame
cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet
lao korean japanese hebrew greek romanian slovak czech european
ethiopic indian cyrillic chinese case-table epa-hook jka-cmpr-hook
help simple abbrev minibuffer loaddefs button faces cus-face macroexp
files text-properties overlay sha1 md5 base64 format env code-pages
mule custom widget hashtable-print-readable backquote
make-network-process dbusbind dynamic-setting system-font-setting
font-render-setting move-toolbar gtk x-toolkit x multi-tty emacs)

-- 
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org  www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
  Use Ekiga or an ordinary phone call