Re: [Evolution] Signing e-mails with gpg fails
ty. den 01. 03. 2016 klokka 10.07 (+) skreiv Pete Biggs: > > > > I'm not sure why but I am currently unable to sign e-mails, I'm getting > > the following error: > > > > Could not create message. > > > > Because "gpg: skipped "67449612": No secret key > > gpg: signing failed: No secret key > > ", you may need to select different mail options. > > In the account preferences under the Security tab, the OpenPGP key ID: > field has a drop-down - are any keys listed there? > > > > > > I am using Evolution 3.18.5, GnuPG 1.4.20, Gnome 3.18.2 and Debian Sid > > 64bit. > > > I seem to remember when I was playing around and trying to get these > things working that Evolution preferred GnuPG2 - certainly I currently > have a symbolic link so that /usr/bin/gpg is actually running gpg2 and > everything works. > > P. Oh yeah, on this computer I have two gpg-keys. Could someone tell how I in the terminal make only one of them primary. I've tried gpg --edit-key stig then flagging it wrote 'primary' then 'save' but nothing changed. Stig signature.asc Description: This is a digitally signed message part ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Signing e-mails with gpg fails
On Tue, 2016-03-01 at 10:07 +, Pete Biggs wrote: > > I seem to remember when I was playing around and trying to get > > these > > things working that Evolution preferred GnuPG2 - certainly I currently > have a symbolic link so that /usr/bin/gpg is actually running gpg2 and > everything works. Hi, this is the cause. Pre-evolution-data-server 3.18.5 gpg had been preferred, but I changed it to gpg2, because that's what seahorse is using since 3.18.0 or so. That meant that keys shown in account preferences were not available in the time of the sign/encrypt, because the two were using different gpg version. Part of the issue is that the gpg2 and gpg do not share keys, thus what one can find the other cannot. Bye, Milan ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Signing e-mails with gpg fails
> > I'm not sure why but I am currently unable to sign e-mails, I'm getting > the following error: > > Could not create message. > > Because "gpg: skipped "67449612": No secret key > gpg: signing failed: No secret key > ", you may need to select different mail options. In the account preferences under the Security tab, the OpenPGP key ID: field has a drop-down - are any keys listed there? > > I am using Evolution 3.18.5, GnuPG 1.4.20, Gnome 3.18.2 and Debian Sid > 64bit. > I seem to remember when I was playing around and trying to get these things working that Evolution preferred GnuPG2 - certainly I currently have a symbolic link so that /usr/bin/gpg is actually running gpg2 and everything works. P. ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
On Tue, 2016-03-01 at 10:03 +0100, Milan Crha wrote: > > there was a Google Summer of Code project providing fetch of X.509 > certificates (for S/MIME, which MS Exchange supports) from address > books. It took the certificates from Global Address List (GAL), as > advertised by the MS Exchange server. It's filled here: > for LDAP: https://bugzilla.gnome.org/show_bug.cgi?id=203251 > for address books in general: > https://bugzilla.gnome.org/show_bug.cgi?id=704246 > > The work is currently blocked on NSS. Feel free to join the later bug, > the reporter has better overview of the subject. Actually the interesting bug is #736808. Specifically: https://bugzilla.gnome.org/show_bug.cgi?id=736808#c2 The "making the certs available" part is solved by evolution-pkcs11. Although that does want a little updating to make it build against the latest Evolution. As Milan says, the reason it's not merged into Evolution (or EDS) and enabled by *default* is because of NSS. The NSS PK11_ListCerts() function takes O(n²) time, because it iterates over the certs, for each one calling back into a naïve 'collector' function that checks it's unique and adds it to the list. In my case it takes about ten minutes to process all the certs that evolution-pkcs11 makes available. When you bring up the prefs dialog (not even looking at certs), Evolution calls that PK11_ListCerts() function. Three times, in quick succession. From the main thread, before it does any redrawing or anything else. 30 minutes later, you can finally see the prefs dialog :) So... in comment #2 of the bug, as referenced above, it says what I think needs doing — populate the dialog asynchronously instead of making us wait, and instead of using PK11_ListCerts we use our *own* code to iterate over the certs in the token, calling back to our own *non-stupid* callback function which quickly inserts each one into a GHashTable or something like that, instead of a linear list. In the longer term, I'd love to just ditch NSS completely and use something saner. But this should suffice for now to enable the GAL certificate lookup. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
[Evolution] Signing e-mails with gpg fails
Hi everyone and thanks in advance, I'm not sure why but I am currently unable to sign e-mails, I'm getting the following error: Could not create message. Because "gpg: skipped "67449612": No secret key gpg: signing failed: No secret key ", you may need to select different mail options. I believe signing works and the secret subkey is "find-able" because I am actually able to do the following without any errors, and this is why I don't understand the error given by Evolution: $ gpg --output random.sig --detach-sig random.txt You need a passphrase to unlock the secret key for user: "Rock Storm" 4096-bit RSA key, ID 67449612, created 2016-02-21 (main key ID C96832FD) $ gpg --verify random.sig random.txt gpg: Signature made Sun 28 Feb 2016 11:47:47 AM CET using RSA key ID 67449612 gpg: Good signature from "Rock Storm " I am using Evolution 3.18.5, GnuPG 1.4.20, Gnome 3.18.2 and Debian Sid 64bit. Thanks again, Regards, Rock ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
Thanks tons Milan :-) I know David W. I'll contact him. Thanks again! On 01/03/16 10:03, Milan Crha wrote: better overview of ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
On Mon, 2016-02-29 at 22:58 +0100, Niklas Andersson wrote: > Hi, > > We are evaluating Evolution as a corporate email client and it > looks > really good. We are in particular very pleased with the integration > with > MS Exchange. > > One thing we didn't got to work though was automatically download > of > the senders public key from the directory in case the email was send > encrypted. > > Does anybody know if this feature is supposed to work? Is it on > the > todo-list if not? Can we pay someone to get it implemented if not? Hi, there was a Google Summer of Code project providing fetch of X.509 certificates (for S/MIME, which MS Exchange supports) from address books. It took the certificates from Global Address List (GAL), as advertised by the MS Exchange server. It's filled here: for LDAP: https://bugzilla.gnome.org/show_bug.cgi?id=203251 for address books in general: https://bugzilla.gnome.org/show_bug.cgi?id=704246 The work is currently blocked on NSS. Feel free to join the later bug, the reporter has better overview of the subject. Bye, Milan ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
...and we are testing with Evolution 3.18.5 On 01/03/16 09:15, Niklas Andersson wrote: Hi, No, we would need to fetch the keys from a LDAP-directory Assumed it's Linux, did you already try https://wiki.gnome.org/Apps/Evolution/FAQ#How_can_import_GPG_keys_automatically_from_within_Evolution.3F ? ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
Hi, No, we would need to fetch the keys from a LDAP-directory Assumed it's Linux, did you already try https://wiki.gnome.org/Apps/Evolution/FAQ#How_can_import_GPG_keys_automatically_from_within_Evolution.3F ? ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list