bug#17338: bug#17391: Bug#745553: emacs24-el: mml2015-always-trust should default to nil, not t

[Jens Lechtenboerger]

On 2017-01-25, at 18:19, Lars Ingebrigtsen wrote:

> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
>
>> So in the scenario above, Bob's cert is still overall valid (because it
>> has a valid certification over the correct UserID+key from Alice), even
>> though the carol@example.org UserID is invalid.
>>
>> I don't know mml-mode or elisp well enough to dig into the code and fix
>> this part of the problem quickly, but if someone has patches that i can
>> look at that would point to where it might be changed, i'd be happy to
>> try to review them.
>
> I'm also mostly unfamiliar with the mml encryption code, but perhaps
> Jens could take a peek at this?

mml2015-always-trust is replaced by mml-secure-openpgp-always-trust
nowadays.  I certainly wouldn’t object if the default value was
changed, but lots of long-term users might be surprised.

Also, nowadays, if multiple keys are available for a recipient, the
user is asked which key to use and whether to store that choice.

Then, EasyPG is responsible for calling GnuPG.  Maybe something
needs to be adjusted there as well.  What is the expected command
line behavior?

Best wishes
Jens