gpg key is signed (with seahorse) but evolution still shows signed messages as not verified

I'm pretty sure this is a seahorse-plugins bug since I think that's what Evolution uses to do the verifying.

Machenzie, I think you are right as I described in bug #326841. You can verify that it's not an evolution issue using command line tool gpg instead of seahorse.

What about if you use seahorse-tool instead of gpg?

With seahorse-tool I think I cannot verify signed emails but only signed files.

Mackenzie, I'm not so sure that it's a seahorse issue. In fact I made some other tests and I discovered that:
- seahorse only offers 4 options to trust a key while gpg offers 5 options (it adds "ultimately"), and for this I opened a new bug #327571
- if you trust a key with the option "utlimately" via cli using gpg then evolution recognize that a certain email has "valid signature".

I think we have two bugs:
- one for seahorse trust levels. (and I opened it as I sayd before);
- one for either evolution or seahorse-plugins (and I think the issue I posted is related to this) that I think should recognize a "valid signature" also if we don't trust a key with the "ultimately" option.

I also think the importance should be raised as this is a security issue.

"Ultimately" means "it's my own key." Seahorse automatically assigns
this trust level to keys for which you have the secret key.

It says the email address has not been verified, correct? Have you
checked that the email address used is actually in the key?

Though interestingly, I just spotted an email that says "signature
verified" when the key expired nearly a year ago...

Machenzie, I think you are right about the "ultimately" option, in fact my private key is trusted automatically with this option.
About the email address, mine is present in the recipient public key as I signed it.

Not *your* email address, the sender's email address. A GPG key has
email addresses associated with it, but if the email address from which
the message was sent does not match one of the email addresses attached
to the key, it will say the signature is good but that it cannot verify
the sender (which is correct).

Mackenzie, the sender email address matches the email attached to the key. In fact, as I already described, it is sufficient to trust the sender key with "ultimately" to solve the issue (if the sender email hadn't matched the email attached to the key changing trust level shouldn't solve it)

I studied a little the web of trust mechanism and evolution shouldn't mind the way I trust a key. In fact this info is a personal info. If a public key is signed by my personal private key evolution should recognize the user (if the sender email corresponds to the email included in the public key).

Hi all, I'm having trouble with the same thing too,
today i added all variants of @gmail @googlemail and co and upper case version to be sure that my sending adress is within the key. But it's still not validated. As Karmic is coming in the next weeks i just wanted to know whether there is something new?

I didn't test karmic in my daily use yet, but I'm still searching for an evo / seahorse solution for 9.04

benste, you can simply type, in your comment, that you confirm the issue in 9.04 too instead of modifying the bug description and add this info. Please, modify it only if you have to add useful info to describe the bug.

Confirmed with
ubuntu 9.04_x86
Evolution 2.26.1
seahorse 2.26.1

(txs to benste for these info)

I have confirmed the bug txs to benste info

I have attached a bug watch to an upstream evolution gnome bug already reported there.
In this bug we have set the affected package to seahorse-plugins but I'm still not sure if it's correct. In Hardy there is no seahorse-plugins package but the problem is present. Maybe in Hardy seahorse-plugins functionalities were included in other packages?

Does someone still have this issue - i don't

@ marco, you should consider closing this bug as invalid if no one mentiones something else

baste,
I still have the issue also with 10.04 and evolution 2.28.3

Can confirm this for 10.10, Evolution 2.30.3