Version: (using KDE KDE 3.2.1) Installed from: Compiled From Sources OS: Linux The situation: I am reading PGP-signed email signed with the key I do not currently know. There are two things which could be improved: a) In such case my kmail shows text (it is in Polish but the problem is likely to be generic: 'Wiadomość została podpisana nieznanym kluczem 0xFFFFFFFFFFFFF. Nie można sprawdzić poprawności podpisu.' (message is signed with unknown key 0xFFFFFFFFFFF The signature can not be verified'. This text missess one very important information: the KIND of key. In this case it should tell 'message is signed with unknown *PGP* key...'. It is worth remembering that one can (try) configuring S/MIME support too. So: information that the message is signed should contain information about the signature kind I think that in case signature uses known key and is verified it should tell it too). b) In case I miss such public key, to download it, I usually must open kgpg, open its key server window, copy&paste the key identifier to the key search window, then go back to kmail, click some other mail and click this mail again. One can easily find a lot of possible improvements here. I imagine for instance - whenever info about unknown PGP key is presented, there is either in-text button or right-click context menu position 'Download this key' - after selecting this position I see some kind of key search window (with button to abort search available), after the search is found it is automatically imported, - after i close the window above I return to kmail and the freshly downloaded key is automatically used to verify the signature - so I just see the info that the signature was verified
Em Qua 21 Abr 2004 10:17, Marcin Kasperski escreveu: > b) In case I miss such public key, to download it, I usually must open > kgpg, open its key server window, copy&paste the key identifier to the key > search window, then go back to kmail, click some other mail and click this > mail again. One can easily find a lot of possible improvements here. I > imagine for instance - whenever info about unknown PGP key is presented, > there is either in-text button or right-click context menu position > 'Download this key' - after selecting this position I see some kind of key > search window (with button to abort search available), after the search is > found it is automatically imported, - after i close the window above I > return to kmail and the freshly downloaded key is automatically used to > verify the signature - so I just see the info that the signature was > verified One can configure gpg to automatically fetch unknown keys from key servers.
This option is not present anywhere withing kgpg configuration so - for the average KDE user - it does not exist. Maybe it would be good idea to add it somewhere within kgpg configuration. But I am afraid that turning it on will cause painful experience - as it is gpg option, there will be no 'downloading key' window with Abort button, probably no clue what is going on at all and probably long delay while opening the mail message.
Em Qua 21 Abr 2004 11:26, Marcin Kasperski escreveu: > This option is not present anywhere withing kgpg configuration so - for the > average KDE user - it does not exist. Maybe it would be good idea to add it > somewhere within kgpg configuration. File a wish item for KGpg.
Just saw this thread. Configuring gpg to automatically download unknown keys is really bad for the GUI, because there is no feedback, so KGpg or KMail will likely freeze until the key is fully downloaded. I just added a new DCOP method to KGpg that offers just what is requested in b). All that is needeed now is adding a button in KMail to perform the task... The DCOP method works like this: dcop kgpg KeyInterface importRemoteKey 0x000000 where 0x00000 is the key ID. It brings KGpg's key import dialog, with possibility to abort. The biggest problem I see is that KGpg is in kdeutils and not in kdepim, so KGpg will not necessarily be present... I will forward the info to the kde-pim list.
Created attachment 6079 [details] Enable KGpg calls for key import & info This patch changes KMail so that when a message is signed with an unknown key, you just need to click on the key ID in KMail to import it from a keyserver. Clicking on a known key brings up a key info dialog. It is all done through DCOP calls to KGpg. Requires latest kgpg & kmail cvs.
Great! Minor note: as it can be fairly unobvious for the user what will happen after click, I'd do something like: - append additional explanation to the info, so it reads for instance Message was signed with unknown key 0x34234234 (click to import). and Message was signed by John Smith (click to view). - or create statusbar notification of similar type when the mouse is over the link
BTW: what about smaller part of this bug - a) (information about the signature type)?
Is there any chance of getting this patch applied in the near future? I'd very much like to see this feature.
*** Bug 112438 has been marked as a duplicate of this bug. ***
Thank you for your feature request. Kmail1 is currently unmaintained so we are closing all wishes. Please feel free to reopen a feature request for Kmail2 if it has not already been implemented. Thank you for your understanding.
Situation in KMail2 is still the same.