https://bugs.kde.org/show_bug.cgi?id=441209
Bug ID: 441209
Summary: signed by a PGP key that doesn't match uid is still
"green"
Product: kmail2
Version: unspecified
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: crypto
Assignee: kdepim-b...@kde.org
Reporter: xenoterrac...@gmail.com
Target Milestone: ---
Created attachment 140865
--> https://bugs.kde.org/attachment.cgi?id=140865&action=edit
screenshot of the green path with sender/receiver
SUMMARY
using a trusted key to sign with a UID that it doesn't have shouldn't be green.
note: evolution warns about this.
STEPS TO REPRODUCE
1. create 2 sets of full gpg keys
2. use another client to sign sending one of your emails with the other emails
key.
I did this with a misconfiguration via fairemail.
OBSERVED RESULT
kmail shows green and all happy
EXPECTED RESULT
kmail should show yellow or red because that key isn't approved for that uid.
SOFTWARE/OS VERSIONS
Windows:
macOS:
Linux/KDE Plasma:
(available in About System)
KDE Plasma Version:
KDE Frameworks Version:
Qt Version:
ADDITIONAL INFORMATION
Kmail: 5.18.0
Operating System: Manjaro Linux
KDE Plasma Version: 5.22.4
KDE Frameworks Version: 5.85.0
Qt Version: 5.15.2
Kernel Version: 5.10.59-1-MANJARO (64-bit)
Graphics Platform: Wayland
Processors: 8 × Intel® Core™ i7-10610U CPU @ 1.80GHz
Memory: 15.4 GiB of RAM
Graphics Processor: Mesa Intel® UHD Graphics
--
You are receiving this mail because:
You are watching all bug changes.
