
monkeysign fails to send certifications of User IDs that lack an e-mail-address

Some keys, like 25FC1614B8F87B52FF2F99B962AF4031C82E0039, have a user ID that has no e-mail address.

If the user indicates that they intend to certify that user ID, its certification should be attached to any other certification that can be sent -- so the certifications are sent in tandem.

So for example, if an OpenPGP certificate looks like:

uid 0: Alice Jones
uid 1: Alice Jones <alice@example.net>
uid 2: Alice Jones (CEO) <boss@example.biz>

then the e-mail that goes to alice@example.net should contain the certification for User IDs 0 and 1, and the e-mail that goes to boss@example.biz should contain the certification for User IDs 0 and 2.

That way, if the recipient gets any of the e-mails, they can see a certification over the user ID that has no e-mail address.

What monkeysign currently does in the above scenario is to try to send the certification of User ID 0 to "Alice Jones", which is typically treated as a bogus e-mail address and gets bounced.

The behavior i'm proposing is how caff handles this kind of User ID, fwiw.

Edited by dkg
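
The grouping proposed in this report, as an added sketch (not monkeysign's or caff's code): every mail carries the certifications for the address-less User IDs alongside those for the User IDs that match the recipient address. The function names `uid_email` and `plan_mails` are hypothetical, and the sample User IDs are the ones from the report.

```python
import re

# Conventional OpenPGP User ID layout: "Name (Comment) <addr>".
# A User ID that is nothing but a bare address is accepted as well.
_ANGLE = re.compile(r"<([^<>\s]+@[^<>\s]+)>\s*$")
_BARE = re.compile(r"^[^<>\s@]+@[^<>\s@]+$")


def uid_email(uid):
    """Return the e-mail address carried by a User ID, or None if it has none."""
    match = _ANGLE.search(uid)
    if match:
        return match.group(1)
    uid = uid.strip()
    return uid if _BARE.match(uid) else None


def plan_mails(selected_uids):
    """Decide which certifications travel in which mail.

    Returns (mails, undeliverable). `mails` maps each recipient address to the
    User IDs whose certifications go into that mail. `undeliverable` lists the
    address-less User IDs that could not be attached to any mail, which only
    happens when no selected User ID has an address at all.
    """
    mails = {}
    no_email = []
    for uid in selected_uids:
        addr = uid_email(uid)
        if addr is None:
            # Never use the User ID text itself as a recipient.
            no_email.append(uid)
        else:
            mails.setdefault(addr, []).append(uid)
    if not mails:
        return {}, no_email
    for addr in mails:
        # Address-less User IDs ride along with every mail that is sent.
        mails[addr] = no_email + mails[addr]
    return mails, []


if __name__ == "__main__":
    sample = [
        "Alice Jones",
        "Alice Jones <alice@example.net>",
        "Alice Jones (CEO) <boss@example.biz>",
    ]
    for recipient, uids in plan_mails(sample)[0].items():
        print(recipient, "->", uids)
```
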