Ubuntu
seahorse package

seahorse does not correctly handel keys with subkeys

Bug #365315 reported by bernhard
4
Affects Status Importance Assigned to Milestone
seahorse (Ubuntu)
Invalid
Undecided
Ubuntu Desktop Bugs

Bug Description

Binary package hint: seahorse

The "old" seahorse in jaunty displayed the correct Key ID for the inner certificate

The seahorse version in jaunty (all updates) just displays something not useable.
The certficate is valid because the firefox addon FireGPG CAN handle this.

With this new seahorse version also evolution is not able to send encrypted mails anymore.

Revision history for this message
bernhard (bernhardredl) wrote :
Revision history for this message
Andreas Moog (ampelbein) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

However, I can't see the problem here. There are no subkeys in the screenshot attached, those are UIDs of your key.

Do you get an error when trying to send encrypted mails, does it do nothing, does it crash? Please be as detailed as possible when describing the problems you are facing. You may find it helpful to read http://www.chiark.greenend.org.uk/~sgtatham/bugs.html

Changed in seahorse (Ubuntu):
assignee: nobody → Ubuntu Desktop Bugs (desktop-bugs)
status: New → Incomplete
Revision history for this message
bernhard (bernhardredl) wrote :

ok:
the KeyID is 2FCC2BB4 > this key is in the security tab of my mailaccount @ evolution.

i write a testmail to myself from the account with the KeyID 2FC ..
I check Security > PGP Sign
send:

it asks me to unlock the cached passphrase for Key with ID 2FCC2BB4

It sends the message without any warnings or errors.
When i check the message evolution displays:
"Valid signature, but cannot verify sender"
(http://paste.ubuntu.com/156221/) GPG error message
When i check the old imported sent mails (from hardy) in evolution i get
"Valid signature" and a green bar.

is it generally adviceable to make one cert for 2 mailaccounts? imho there are lot of troubles

Revision history for this message
bernhard (bernhardredl) wrote :

an additional problem is: when i send a email with the content "testmail" to a friend (his public key is known)
and want to encrypt that, evolutionis encrypting the mail with MY key.

When i display the sourcecode of the sent mail i just get a long
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.9 (GNU/Linux)

hQQOA3tOYyQIcRBfEA//ZvBhRw
....
...
...

When i try to decrypt this with my private key i get the content testmail.
This is not how it should be.

Steps to reproduce:
1. write email
2. TO: friends email (keymanager knows public key)
3. select Security > sign PGP & encrypt PGP
4. send message
5. check message in sent folder.
6. > message is READABLE with my private key
7. Evolution displays: Valid signature, but cannot verify sender
Encrypted

Revision history for this message
Andreas Moog (ampelbein) wrote :

Point 1 is not a problem with seahorse since even gpg thinks your key is not signed with a trusted signature. You have to trust at least one of the keys which signed the key. You can adjust the trust settings in seahorse or the gpg-commands to accomplish that.

Point 2 isn't a real problem, too. Check in the security-settings of evolution that you do not have an option like "always encrypt to self" activated, check the same for System->Preferences->Encryption and Keyrings. With this option active, you are supposed to be able to decrypt a message. It still will be decryptable by the key of your friend. That's how gpg/pgp works.

I'm closing here since what you reported does not look like a bug in seahorse. As a general reminder, you can always open a support question on https://answers.launchpad.net and will get quality help. Thanks for your understanding.

Changed in seahorse (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.