[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1037363: libkf5mimetreeparser5abi1: does not find the key used to sign a message if a signing subkey was used

Package: libkf5mimetreeparser5abi1
Version: 4:22.12.3-1
Tags: bookworm sid patch upstream
Forwarded: https://bugs.kde.org/show_bug.cgi?id=469304
Control: affects -1 kmail

SUMMARY
KMail claims that messages signed with a subkey of my own key are
signed with an unknown key.

STEPS TO REPRODUCE
1. You need an OpenPGP certficate with a signing subkey.
2. Sign a message with this key and send it to yourself (or use Send
Later to put it in your outbox).
3. View the message.

OBSERVED RESULT
I have an OpenPGP certficate with a signing subkey that is used to
sign my messages. KMail has no problem signing my messages, but when
viewing my messages KMail says:
> Message was signed on 25.04.23 18:24 with unknown key 0xDB8E020E328C30942060BF21B16F599516474ABA.
> The validity of the signature cannot be verified.
> Status: Good signature

Obviously, this doesn't make any sense because how can the signature
be good if it was signed with an unknown key. It turns out that gpg
which is used to verify the signature very well knows the key, but
KMail is not able to find it.

EXPECTED RESULT
KMail should say something like:
> Message was signed by *@ingo-kloecker.de (Key ID: 0xE375339BF4C51840).
> The signature is valid and the key is ultimately trusted.


The fix can be found at
https://invent.kde.org/pim/messagelib/commit/70f39256784280d2034aa7bf1c4765f606c22d56
Reply to: