Hi Enigmail, The recent discussion on the behaviour of the auto decrypt/verify button has prompted me to check more carefully on the behaviour using the 'Details' button which I have found to be strange.
First case : Thunderbird displays a yellow band with message "Part of the message signed; click on 'Details' button for more information" Clicking on 'Details' button gives 3 options (the others are greyed out): 1. import public key : this seems to work and the imported key is immediately displayed in Kleopatra but not in Thunderbird key manager until Thunderbird is restarted 2. 'OpenPGP Security info' this only gives a dialog box saying 'unverifed signature' - a bit of a waste of time 3. ' copy OpenPGP security info' - it doesn't do anything - doesn't copy anything to windows clipboard - presumably because nothing is known. So 2 of these 3 options are a waste of time in this case. Second Case : after the 'import public key' option has been used and the key is available in the key manager and appears to be valid but I have not yet set a trust level nor signed the key. Thunderbird displays a purple band with the message 'Error - signature verification failed; click on 'Details' button for more information.' The Details button provides 5 usable options : 1. 'OpenPGP security info': this gives a dialog box with 'Error - signature verification failed' which we already knew so not very helpful. 2. 'copy OpenPGP security info' - it doesn't do anything - doesn't copy anything to windows clipboard - presumably because nothing is known. 3. 'View key properties' : this doesn't do anything despite multiple tries. (note that if the key manager is opened from OpenPGP/Key management, the subject imported key is visible provided that Thunderbird has been closed and restarted after import.) But Details button option 3 does nothing - no effect. 4. 'Sign sender's key' - this opens a dialog box which appears that it would work BUT why would one wish to sign a key where 'verification has failed' ? 5. 'Set owner trust of sender's key' : this opens a dialog box where the 'Key to trust' field is empty (you need to open key manager or Kleopatra to find the key ID) - but again, on what basis would you set a trust level for an unidentified key for which verification had failed ? So out of 5 options, in this case, none is really useful. Third case : sender's key imported, Thunderbird restarted, trust level set to 'marginal' but sender's key not signed by me. Thunderbird displays a blue band with the message 'Part of the message signed; click on 'Details' button for more information + key ID .' The Details button provides 5 usable options that are the same as in the 'second case' above. 1. provides keyID and fingerprint but claims to be 'UNTRUSTED Good signature' even though I set trust level to marginal. 2. works fine and does copy all info to Windows clipboard. 3. works fine and even shows trust level correctly as marginal 4. appears to work ok 5. opens dialog box and correctly displays the 'key to trust' Fourth case : sender's key imported, Thunderbird restarted, trust level set to 'unknown' and sender's key signed by me. Thunderbird displays a green band with the message 'Part of the message signed; click on 'Details' button for more information + key ID and date signed.' The date signed is given as today's date and the time as when the email was first opened, I think - but I actually signed this key last October (according to Kleopatra). The Details button provides 5 usable options that are the same as in the 'second case' above and all work same as in case three above. The only difference between third and fourth cases is the colour of the band displayed which I assume is due to my having signed the key in case four. My conclusions are : when signatures are unknown or unverified, the options provided under the 'Details' button could do with some refinement to make them more useful. Maybe the signature date provided in the colour band for green case, is not correct ? ------------------------------------------------- Philip Jackson Domaine le Theron Chemin du Theron 34210 Siran France Tel : (+33) 468 49 80 53 GnuPG Public Key : 0x23543A63.asc
0x23543A63.asc
Description: application/pgp-keys
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
