List: kmail-devel
Subject: Re: Security - handling of public keys, signatures
From: Marc Mutz <mutz () kde ! org>
Date: 2002-06-28 17:17:40
On Friday 28 June 2002 13:25, Ferdinand Gassauer wrote:
> Hi!
> As the feature freeze approaches I want to ask (again), if handling
> of signed messages will be improved for 3.1.
> IMHO a message like
> **************
> Message was signed with unknown key 0x09B06E10.
> The validity of the signature can't be verified.
> **************
> should
> 1) check the key automatically against a public key server (maybe it
> does, and if it does it should be stated in the message
> - The validity of the signature can't be verified locally and/or at
> <public key server>
Why? The yellow border nonetheless won't go away, since if you had
signed the peer's key, then you'd most likely have it on your public
keyring anyway.
> 2) allow to request the public key from the sender automatically - on
> a mouse click.
I had a patch once that made the key id a link to search on a pgp
keyserver. It shouldn't be too hard to make it fire up geheimnis if the
latter is found. Karl-Heinz has done something similar for the S/MIME
case.
> 3) allow to add the key to the public keyring.
The problem is that we'd need to fetch the key ourselves when we want to
keep (2) and (3) separate. Or rely on gpg --search-keys, which is only
available in GnuPG 1.0.7+, and not in PGP or older GnuPG's.
> maybe I am missing something ... (integrated function of geheimnis?)
If you want to know whether Geheimnis can do this already, then the
answer is yes. If the question is for tighter KMail<->Geheimnis
integration, then the answer is that Geheimnis first needs to mature a
bit. We can't distribute a pgp frontend that simply calls pgp/gpg with
the right parameters and opens a Konsole for the user to do the rest.
> IMHO a non experienced user will not be able to handle it the way it
> works now with command line commands as described in the handbook
Then the user needs to become experienced w.r.t. OpenPGP. ;-)
Seriously. Making OpenPGP even easier and prettier in KMail always has
the bad side-effect of encouraging users to do stupid things that - in
this case - hurt others. I have a (now revoked) signature on my key
that was added by such a user: He saw my mails in KMail and probably
wanted to make the yellow frame become green. So he signed my key. If
he did it locally (gpg --lsign), then the damage would have been
confined to himself. Now, we must trust other OpenPGP implementations
to correctly forbid users to rely on this user's revoked signature on
my key for checking the validity of my key.
A GUI can only do so much for making OpenPGP easier for the user.
Ultimately, she herself has to acquire a decent understanding of the
principles and - equally important - best and accepted practice.
Geheimnis has the potential to also educate users by asking them the
questions that need to be asked (esp. when signing). Currently, no GUI
does the job nearly as good as gpg's command line interface. Esp. with
1.0.7.
Marc
--
Marc Mutz <mutz@kde.org>
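
The distinction the reply draws between having a key and having a valid key, as an added example that is not part of the original message or of KMail's code: it classifies GnuPG `--status-fd` output for one signature. The function names, the sample transcripts, the key id and the red border for a bad signature are assumptions made for illustration.

```python
# Added example: classify one signature from GnuPG --status-fd output.
PREFIX = "[GNUPG:] "
VALID = {"TRUST_FULLY", "TRUST_ULTIMATE"}

def classify(status_text):
    """Return bad, no_key, good_valid, good_unverified or unknown."""
    keywords = set()
    for line in status_text.splitlines():
        # Only machine-readable status lines count; gpg's human-readable
        # messages are never parsed.
        if line.startswith(PREFIX):
            fields = line[len(PREFIX):].split()
            if fields:
                keywords.add(fields[0])
    if "BADSIG" in keywords:
        return "bad"
    if "NO_PUBKEY" in keywords:
        return "no_key"
    if "GOODSIG" in keywords:
        return "good_valid" if keywords & VALID else "good_unverified"
    return "unknown"  # fail closed on anything else

def border(state):
    # green/yellow as in the thread; red for a bad signature is an assumption.
    return {"good_valid": "green", "bad": "red"}.get(state, "yellow")

# Constructed transcripts; the key id and user id are made up.
KEY = "0123456789ABCDEF"
UNKNOWN_KEY = f"""[GNUPG:] ERRSIG {KEY} 17 2 00 1025284660 9
[GNUPG:] NO_PUBKEY {KEY}"""
KEY_FETCHED = f"""[GNUPG:] GOODSIG {KEY} Example Sender <sender@example.org>
[GNUPG:] TRUST_UNDEFINED"""
KEY_CERTIFIED = f"""[GNUPG:] GOODSIG {KEY} Example Sender <sender@example.org>
[GNUPG:] TRUST_FULLY"""

if __name__ == "__main__":
    for name, text in [("unknown key", UNKNOWN_KEY),
                       ("key fetched", KEY_FETCHED),
                       ("key certified", KEY_CERTIFIED)]:
        state = classify(text)
        print(f"{name:14} {state:16} {border(state)}")
```

Fetching the key only moves the result from `no_key` to `good_unverified`; the border stays yellow until the key's validity is established.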