https://bugs.kde.org/show_bug.cgi?id=399050

--- Comment #9 from Jens Mueller <jens.a.mueller+...@rub.de> ---
Hi Jan,

> You might see different results from what I see because
> different servers parse garbage input in a different way.

That's interesting, however I'd not rely on the config of the IMAP server for
end-to-end security (which PGP is assumed to provide).

> As a side note, I do not think that *that* would be a
> security issue because e-mail headers are forgeable

Absolutely, but a lot of users assume that PGP can exactly counter the problem
of forgeable email headers using digital signatures (even though a binding
between the From:/Sender: address and the email address in the matching PGP has
never been defined in the OpenPGP standard).

> Trojita always unconditionally shows both Sender and
> From fields if they are present.

Yes, but only the display name, not the actual email address.
For me, the testcases look as shown in attachment 115532.

> Do you see a security problem in here?

Depends on your point of view. I would not say those issues are super-bad.
However, if we really want to rely on PGP for critical tasks I'd say there is
still room for improvement in the UI of mail clients. Assume you receive a
signed email from your employer with testcase #2 which includes a
task-to-be-done-immediately (e.g. "The President: >>launch missiles<<") -- you
may be stressed and not look into the signature details and just do it...

> What we could do is to always show the e-mail address
> which was matched. Would that make sense from your
> point of view?

Yes, I think it's a good practice to explicitly show the email address of the
matching key (if available) and therefore answer the signed-by-whom question
(or at least delegate it back to the user).

Greetings
Jens
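
One way a client could answer the signed-by-whom question raised in this comment, as an added example (not Trojita's code and not part of the original comment). The names `signer_banner` and `key_addresses`, the sample message and the key user IDs are constructed for illustration, and signature verification is assumed to have been done already by the OpenPGP backend.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample: the display name claims one person, the address is another.
SAMPLE = (
    "From: Alice Boss <mallory@example.net>\n"
    "Sender: alice@example.org\n"
    "Subject: urgent task\n"
    "\n"
    "Please do this immediately.\n"
)

def key_addresses(signer_uids):
    """E-mail addresses found in the user IDs of the key that signed."""
    addrs = (parseaddr(uid)[1].lower() for uid in signer_uids)
    return {a for a in addrs if "@" in a}

def signer_banner(raw_message, signer_uids):
    """Lines a client could show next to a signature that verified.

    signer_uids is assumed to come from the OpenPGP backend after a
    successful verification; this function does no cryptography itself.
    """
    msg = message_from_string(raw_message)
    signed_by = key_addresses(signer_uids)
    if signed_by:
        lines = ["Signed by key for: " + ", ".join(sorted(signed_by))]
    else:
        lines = ["Signed by a key with no e-mail address in its user IDs"]
    for header in ("From", "Sender"):
        for name, addr in getaddresses(msg.get_all(header, [])):
            if not addr:
                continue
            verdict = ("matches signing key" if addr.lower() in signed_by
                       else "NOT covered by signing key")
            # Always print the real address, never the display name alone.
            lines.append(f"{header}: {name or '(no name)'} <{addr}> [{verdict}]")
    return lines

if __name__ == "__main__":
    print("\n".join(signer_banner(SAMPLE, ["Mallory <mallory@example.net>"])))
```

With the sample message, the banner names the address on the signing key and flags the Sender address as not covered by it, so a display name alone cannot stand in for the signer.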
