-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 01.09.14 14:59, Philip Jackson wrote: > A recent post on the mailing list shows the pink(ish) enigmail > header 'Error-signature verification failed ....' > > Clicking Details/security info shows that Public Key > uuuuuuuuuuuuuuuu is needed to verify the signature. > > gpg.conf should automatically download missing keys for me, so I > looked in Key Manager for the senders name. I have his public key > 0xzzzzzzzz which has enc, sign, cert and authenticate and it is > valid. > > Also shown in the key properties is a subkey 0xuuuuuuuu with > encrypt, sign and authentication and this is valid. > > This subkey is clearly the 'Public Key uuuuuuuuuuuuuuuu' that the > enigmail security info says I need. > > Why doesn't enigmail use the subkey to verify the signature ?
It does use this key. If the key wasn't in your keyring you would get the yellow ribbon. In your case you would not run into this except autoretrieve would fail. In fact, the message text is wrong and misleading. It should state what is really done: "Public Key uuuuuuuuuuuuuuuu was __used__ to verify the signature". I'll file a bug and prepare a patch. Ludwig -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCgAGBQJUBMKlAAoJEA52XAUJWdLjq4MH/jZhlUxuQ0pHbfTdAZmvt/gb syo3jcVFEprMS9RrSSltid2kgCjm7YWEkWhLj4Jo53KjQXc/9hmIBr7XuGuMyLdm O8XU9kLVZikEeKzGsLTWqOpSBZWqJAX4C9t+n2rpk1hwcUsEYuU/I3iYZaYCaYER wv7gqXSH9GQdtFxbVD0s7qikEs5j8fcsKU06Er5TaJOm8Dk29ccPQ9yK8BZJ0k0E u9pk9f5p1JYCA+jKljlf1ak3x59C32gg7Y+a6OK0NbkZhLgZQNEwMYe7lUOQyuao CUk/BFptWm0QUQvCJmqDBMNywEZUOaOD2I3JrDdVPs5zhUCk+wDOx+YiCh9h3Xc= =VMaJ -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
