
Re: evolution and gpg



On Mon, 2002-08-19 at 23:06, Sven Heinicke wrote:
> 
> Is stable's evolution known to work well with pgp?  If it should be ok,
> then what am I doing wrong here?  If all isn't, is this fixed in
> unstable or sid?

evolution is quite broken. Real fixes will probably only appear in 1.2
although 1.0.8 is a bit better than the earlier versions - it at least
doesn't produce faulty signatures on mails without attachments. I still
get more BAD signatures than I should (haven't manually checked lately,
but I can't believe there are *that* many broken mail systems around).

> I hope Paul Johnson doesn't mind, as he seems an active poster, I went
> to his home page and downloaded his public key.  Then, for testing, I
> made it so I trust him, and signed for him.  Now, in evolution, when I

as long as you signed locally and don't upload your signature...

btw, to verify signatures it is not necessary to sign a key. gpg will
display a warning, but it makes absolutely no sense to sign keys just to
shut up the warnings - after all you did not establish the authenticity
of the key...

> click on:  "This message is digitally signed. Click the lock icon for
> more information" I get:
> 
> gpg: armor header: Version: GnuPG v1.0.7 (GNU/Linux)
> gpg: Signature made Fri 26 Jul 2002 10:02:16 AM EDT using DSA key ID D372F715
> gpg: BAD signature from "Paul Johnson (Main Key) <baloo@ursine.dyndns.org>"
> 
> Along with the broken lock.  But then I download his message to disk and check it by hand:
> 
> $ gpg msg.pgp 
> gpg: Signature made Fri 26 Jul 2002 10:02:16 AM EDT using DSA key ID D372F715
> gpg: Good signature from "Paul Johnson (Main Key) <baloo@ursine.dyndns.org>"

If you can verify it this way, it was a clearsigned message. These will
- according to evolution authors - never be fixed. The problem with
clearsigned messages is that the mailreader cannot know that it is a
signed message (without scanning it, that is), and so evolution decodes
it (line endings, charset conversions, qp) before it checks the
signature. [1]

For the same reason, evolution creates only multipart/signed signed
messages - which in turn gives headaches to outlook users.

cheers
-- vbi

[1] yes, I do consider this a major design flaw in evolution - the mail
body should only be changed for displaying, storage should always be
possible unmodified - so the unmodified body should be available
internally. One of the reasons I will eventually leave evolution.

-- 
secure email with gpg                         http://fortytwo.ch/gpg

Attachment: signature.asc
Description: This is a digitally signed message part
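
The following is an added illustration, not part of the original message and not Evolution's or GnuPG's code. It shows which of the body transformations mentioned in the reply change the bytes that a clearsigned message's signature covers. Assumptions: a SHA-256 digest over the canonical cleartext form stands in for the gpg check, the sample text is constructed, and all function names are hypothetical.

```python
import hashlib
import quopri


def canonical_cleartext(body: bytes) -> bytes:
    # OpenPGP cleartext signatures hash the text with trailing spaces/tabs
    # removed from each line and the lines joined by CRLF.
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    return b"\r\n".join(line.rstrip(b" \t") for line in lines)


def digest(body: bytes) -> str:
    # Stand-in for signature verification (assumption): gpg hashes the
    # canonical text, so any change to these bytes gives "BAD signature".
    return hashlib.sha256(canonical_cleartext(body)).hexdigest()


# Constructed sample: the sender signs ISO-8859-1 bytes
# (\u00fc = u-umlaut, \u00df = sharp s).
SIGNED_TEXT = "Gr\u00fc\u00dfe aus Z\u00fcrich,\nsigned = yes\n".encode("iso-8859-1")
SIGNED_DIGEST = digest(SIGNED_TEXT)

# The same body as carried on the wire: quoted-printable, CRLF line endings.
WIRE = quopri.encodestring(SIGNED_TEXT).replace(b"\n", b"\r\n")


def check_raw(wire: bytes) -> bool:
    # Undo only the transfer encoding, then check the bytes as signed.
    return digest(quopri.decodestring(wire)) == SIGNED_DIGEST


def check_after_charset_conversion(wire: bytes) -> bool:
    # Decode for display (ISO-8859-1 to an internal UTF-8 form), then check.
    text = quopri.decodestring(wire).decode("iso-8859-1")
    return digest(text.encode("utf-8")) == SIGNED_DIGEST


def check_without_qp_decoding(wire: bytes) -> bool:
    # Check the still-encoded wire bytes.
    return digest(wire) == SIGNED_DIGEST


if __name__ == "__main__":
    print("transfer-decoded raw bytes:", check_raw(WIRE))
    print("after charset conversion:  ", check_after_charset_conversion(WIRE))
    print("without QP decoding:       ", check_without_qp_decoding(WIRE))
```

Only the first check succeeds: the verifier needs the transfer-decoded bytes exactly as the sender signed them, which is why an unmodified copy of the body has to remain available.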

