diff options
author | Aaron Jones <aaronmdjones@gmail.com> | 2019-06-16 14:20:10 +0000 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-06-16 21:59:52 +0200 |
commit | 5a52772156b44ef9785e91ab78ab2e1c3b1e510e (patch) | |
tree | 975a7af2c51eae883218f02fe2b28504b4fc632f /contrib/emacs/.gitignore | |
parent | ee9faa9df54555337738dfd88b355e23fbef6a30 (diff) | |
download | pass-5a52772156b44ef9785e91ab78ab2e1c3b1e510e.tar.gz pass-5a52772156b44ef9785e91ab78ab2e1c3b1e510e.tar.bz2 pass-5a52772156b44ef9785e91ab78ab2e1c3b1e510e.zip |
Exclude invalid, disabled and revoked subkeys from subkey selection
When rotating encryption subkeys, and revoking the old one,
`pass init keyid` would re-encrypt your stored credentials to the
(now revoked) old subkey(s) in addition to the new one too.
It would also mistakenly encrypt to keys that have been disabled,
and keys that were never validly signed by their master (certify) key.
Fix all of these cases. It was decided NOT to also exclude expired
subkeys.
Signed-off-by: Aaron Jones <aaronmdjones@gmail.com>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions