OpenPGP broken due to Enigmail falsely complaining that my still valid key is expired
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(Not tracked)
People
(Reporter: eike.thaden, Unassigned)
Details
(Keywords: regression, Whiteboard: [regression 91.7->91.8])
Steps to reproduce:
I installed the lastest Thunderbird update today (version 91.9.0, 64 bits, Windows OS). I'm using a OpenPGP key created outside of Enigmail with a primary key and two sub keys, one for signing, one for encryption. The key and all subkeys are still valid for more than 3 years, I extended the validity multiple times in the past outside of Enigmail and imported the updated key into Enigmail.
Actual results:
After having installed the update, the key is suddenly reported to be expired and Enigmail is refusing to use it. I checked validity outside of Enigmail, and everything looks fine, than I re-imported that key into Enigmail, with no effect. As a quick fix, I tried to just extend the validity within Enigmail, but Enigmails considers it to have a "complex structure" and refuses to modify the validity. I completely deleted the key in Enigmail and reimported it, with no effect. The only possible workaround was to completely remove the expiry date.
Expected results:
The key should just work, expiry date should be recognized correctly. In general, there should be full support for the two sub keys, as this is a quite common way to generate keys (outside of Enigmail).
|
||
Updated•3 years ago
|
|
||
Comment 1•3 years ago
|
||
This is likely related to our update that will reject self-signatures on a key that involve the use of SHA-1 algorithm, which is considered insecure.
|
||
Comment 2•3 years ago
|
||
Same as bug 1763641 probably.
|
|
||
Updated•3 years ago
|
|
|
||
Comment 3•6 months ago
|
||
(In reply to Magnus Melin [:mkmelin] from comment #2)
Same as bug 1763641 probably.
should we dupe it?
|
|
||
Comment 4•6 months ago
|
||
Probably best yes.
Description
•