Sv: PGP signing/decoding problem
- From: Niklas =?UTF-8?Q?H=C3=B6glund=F6glund?= <niklas hoglund telia com>
- To: balsa-list gnome org
- Subject: Sv: PGP signing/decoding problem
- Date: Mon, 23 Jun 2003 20:52:47 +0200
Den 2003.06.23 19:48 skrev Albrecht Dreß:
> More detailed info about the signature, including the validity, is
> available when you select it. Unfortunately, I forgot to add the
> "trust" field, which I will add there asap. I could also (I think
> this was your point, wasn't it?) make the lock green only if the
> siganture verified correctly *and* if the key's validity and trust
> level is not "never" and not "unknown", thus mixing key and sig
> status (and making most locks red, btw). Hmmm...
This was what I suggested. Maybe there could be more colors. Orange
or yellow could mean that the signature is correct, but not from a
known key (signed by trusted parties, or however it is done).
I compare this to how mutt does it. In this mail, it said:
[-- PGP output follows (current time: Mon 23 Jun 2003 08:50:03 PM CEST)
gpg: Signature made Mon 23 Jun 2003 07:48:15 PM CEST using DSA key ID
gpg: Good signature from "Albrecht Dreß <firstname.lastname@example.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
Primary key fingerprint: 5B02 5DD9 991E 8B82 6301 EB6F 9FFF 6E9C D027
[-- End of PGP output --]
(Without the extra linefeeds balsa inserted.)
On mails from people I have exchanged keys with, the warning is not
>> Also, it'd be nice with a command to fetch the key from a keyserver
>> when it's not available.
> A suboptimal solution (run gpg in a background shell) is in the cvs
> and as a patch on my web page. When seahorse/gpa provide an interface
> for getting keys, I'll replace it by that.
It is probably a good idea to make sure the fetch happens in the
background, somehow, as keyservers can sometimes be quite slow.
] [Thread Prev