On 2017-01-25, at 18:19, Lars Ingebrigtsen wrote: > Daniel Kahn Gillmor <d...@fifthhorseman.net> writes: > >> So in the scenario above, Bob's cert is still overall valid (because it >> has a valid certification over the correct UserID+key from Alice), even >> though the ca...@example.org UserID is invalid. >> >> I don't know mml-mode or elisp well enough to dig into the code and fix >> this part of the problem quickly, but if someone has patches that i can >> look at that would point to where it might be changed, i'd be happy to >> try to review them. > > I'm also mostly unfamiliar with the mml encryption code, but perhaps > Jens could take a peek at this?
mml2015-always-trust is replaced by mml-secure-openpgp-always-trust nowadays. I certainly wouldn’t object if the default value was changed, but lots of long-term users might be surprised. Also, nowadays, if multiple keys are available for a recipient, the user is asked which key to use and whether to store that choice. Then, EasyPG is responsible for calling GnuPG. Maybe something needs to be adjusted there as well. What is the expected command line behavior? Best wishes Jens