seahorse-tool does not indicate key-id when checking signatures
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| seahorse |
Fix Released
|
Low
|
|||
| seahorse-plugins (Ubuntu) |
Fix Released
|
Medium
|
Ubuntu Desktop Bugs | ||
Bug Description
Binary package hint: seahorse
"seahorse-tool --verify" only checks .sig files and not .gpg files for signatures, then gives the email address and name of the signer, but not the key ID (which, it seems to me, is the point of verification).
When I attempt to check a .gpg file, I get the error "No valid signatures found". When I attempt to "decrypt" signed gpg files, seahorse-tool gives the error message "Couldn't decrypt file . . . No data" (although it quietly proceeds to unzip the file). Decrypting doesn't give any messages about who signed the file.
It should do the same as "gpg --verify": it should verify both .sig and .gpg files and give full results of verification, including the key ID. I'm not sure what the point of signing files is if you never see the ID of who signed it.
| Andreas Moog (ampelbein) wrote | #1 |
| Changed in seahorse: | |
| assignee: | nobody → desktop-bugs |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| Changed in seahorse: | |
| status: | Unknown → Confirmed |
| Andreas Moog (ampelbein) wrote | #2 |
| Changed in seahorse: | |
| status: | Triaged → Fix Committed |
| Andreas Moog (ampelbein) wrote | #3 |
| Changed in seahorse-plugins (Ubuntu): | |
| status: | Fix Committed → Fix Released |
| Changed in seahorse: | |
| status: | Confirmed → Fix Released |
| Changed in seahorse: | |
| importance: | Unknown → Low |
In intrepid its not fixed. Still there is no indication which key-id was used to sign a file. I reported this issue Upstream, you can track the status and make comments here: http://