Mackenzie, I'm not so sure that it's a seahorse issue. In fact I made some other tests and I discovered that:
- seahorse only offers 4 options to trust a key while gpg offers 5 options (it adds "ultimately"), and for this I opened a new bug #327571
- if you trust a key with the option "utlimately" via cli using gpg then evolution recognize that a certain email has "valid signature".
I think we have two bugs:
- one for seahorse trust levels. (and I opened it as I sayd before);
- one for either evolution or seahorse-plugins (and I think the issue I posted is related to this) that I think should recognize a "valid signature" also if we don't trust a key with the "ultimately" option.
I also think the importance should be raised as this is a security issue.
Mackenzie, I'm not so sure that it's a seahorse issue. In fact I made some other tests and I discovered that:
- seahorse only offers 4 options to trust a key while gpg offers 5 options (it adds "ultimately"), and for this I opened a new bug #327571
- if you trust a key with the option "utlimately" via cli using gpg then evolution recognize that a certain email has "valid signature".
I think we have two bugs:
- one for seahorse trust levels. (and I opened it as I sayd before);
- one for either evolution or seahorse-plugins (and I think the issue I posted is related to this) that I think should recognize a "valid signature" also if we don't trust a key with the "ultimately" option.
I also think the importance should be raised as this is a security issue.