Re: [Enigmail] failed signature verification
On 01/09/14 21:01, Ludwig Hügelschäfer wrote: > It does use this key. If the key wasn't in your keyring you would get > the yellow ribbon. In your case you would not run into this except > autoretrieve would fail. > > In fact, the message text is wrong and misleading. It should state > what is really done: "Public Key was __used__ to > verify the signature". I'll file a bug and prepare a patch. So enigmail lied to me ? OK fair enough, you say that enigmail did use the key. This is also another case where under the Details button, the "View Key Properties" doesn't work. Even after several restarts of Thunderbird, I have to open Key Management independently and search under the name of the sender. Philip signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] failed signature verification
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 01.09.14 21:01, Ludwig Hügelschäfer wrote: > (...) I'll file a bug and prepare a patch. https://sourceforge.net/p/enigmail/bugs/324/ -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCgAGBQJUBNK9AAoJEA52XAUJWdLjbNQH/2fU5RLNk+8/AopwKF8sHrOn wepVtgYmlNlrq6aqTmDNVAA16+lcdFUS6LniwVwAxKcWg3u5j4o/a+sLvQXDJuRa voxUf1Fa5kekQM8EomE2XdVV6yMxvA5VTUuY1eA/F/PNzxIAgA+CKgqDPI+yHrar tlJi7738mi7Cr0aFPymxpr5C843hxPd9ClKnsLIgoGBa5tn07kIP76QPu1Cn7WnN 2ZCvnsQfMFWKCUzGuKFNzBPS0vSiMw4LfbGl+9RHqODtV8OfKSVPzZ7yy5HoQXW2 HoZNmPV7AmAk9AIi6xeXIf+LZXmyWNw+jX3V2JreCmIT5EDJVHDeIOvbMY7LyoE= =rQMz -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] failed signature verification
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 01.09.14 14:59, Philip Jackson wrote: > A recent post on the mailing list shows the pink(ish) enigmail > header 'Error-signature verification failed ' > > Clicking Details/security info shows that Public Key > is needed to verify the signature. > > gpg.conf should automatically download missing keys for me, so I > looked in Key Manager for the senders name. I have his public key > 0x which has enc, sign, cert and authenticate and it is > valid. > > Also shown in the key properties is a subkey 0x with > encrypt, sign and authentication and this is valid. > > This subkey is clearly the 'Public Key ' that the > enigmail security info says I need. > > Why doesn't enigmail use the subkey to verify the signature ? It does use this key. If the key wasn't in your keyring you would get the yellow ribbon. In your case you would not run into this except autoretrieve would fail. In fact, the message text is wrong and misleading. It should state what is really done: "Public Key was __used__ to verify the signature". I'll file a bug and prepare a patch. Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCgAGBQJUBMKlAAoJEA52XAUJWdLjq4MH/jZhlUxuQ0pHbfTdAZmvt/gb syo3jcVFEprMS9RrSSltid2kgCjm7YWEkWhLj4Jo53KjQXc/9hmIBr7XuGuMyLdm O8XU9kLVZikEeKzGsLTWqOpSBZWqJAX4C9t+n2rpk1hwcUsEYuU/I3iYZaYCaYER wv7gqXSH9GQdtFxbVD0s7qikEs5j8fcsKU06Er5TaJOm8Dk29ccPQ9yK8BZJ0k0E u9pk9f5p1JYCA+jKljlf1ak3x59C32gg7Y+a6OK0NbkZhLgZQNEwMYe7lUOQyuao CUk/BFptWm0QUQvCJmqDBMNywEZUOaOD2I3JrDdVPs5zhUCk+wDOx+YiCh9h3Xc= =VMaJ -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] failed signature verification
A recent post on the mailing list shows the pink(ish) enigmail header 'Error-signature verification failed ' Clicking Details/security info shows that Public Key is needed to verify the signature. gpg.conf should automatically download missing keys for me, so I looked in Key Manager for the senders name. I have his public key 0x which has enc, sign, cert and authenticate and it is valid. Also shown in the key properties is a subkey 0x with encrypt, sign and authentication and this is valid. This subkey is clearly the 'Public Key ' that the enigmail security info says I need. Why doesn't enigmail use the subkey to verify the signature ? Philip signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net