Bug 138098

Summary: Ability to encrypt to unsigned keys
Product: [Unmaintained] kmail Reporter: Gehold Bertin <NewsAssi>
Component: generalAssignee: kdepim bugs <pim-bugs-null>
Status: RESOLVED DUPLICATE    
Severity: wishlist    
Priority: NOR    
Version First Reported In: 1.9.5   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Gehold Bertin 2006-11-29 19:15:56 UTC 
Version:           1.9.5 (using KDE 3.5.5, Kubuntu (dapper) 4:3.5.5-0ubuntu1~dapper2)
Compiler:          Target: i486-linux-gnu
OS:                Linux (i686) release 2.6.15-26-386

It's not possible to encrypt mails without signing the keys.

Some people call such a behavoir a feature. But it pushs the people to sign keys without the possible to check them.

E.g. I've more then 80 keys, so I have to sign 50% of them, If want to communicate with my buddies, but I can't  actually check the keys, because I do not trust fingerprint, their mailed or jabbered...

After signing (locally) I can't see, which I checked and which I didn't checked.

And it is better to let the people choose. It is better for the spreading of encryption and free speak...

Almost software using gpg have an option to allow unsigned keys...

So I bet you, think about it and add such an option...

Thanks a lot
Comment 1 Philip Rodrigues 2006-11-30 00:15:49 UTC 
Retitling to reflect the wish a bit better, hopefully
Comment 2 Gehold Bertin 2006-11-30 00:22:00 UTC 
Thanks for retitling!
Comment 3 newsscott 2006-11-30 00:47:03 UTC 
In my opinion, encryption with kmail should behave the same way as 'pure' gpg does:

---snip---
gpg: XXXXXXXX: There is no assurance this key belongs to the named user

pub  2048R/XXXXXXXX 2003-03-05 XYZ
 Primary key fingerprint: ABCD 1234 ....

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.
---snip---
Comment 4 Gehold Bertin 2006-11-30 07:35:07 UTC 
That would be a great way... So you try to remember the user to verify the key, but he can use it anyway
Comment 5 Thomas McGuire 2007-02-11 11:46:44 UTC 

*** This bug has been marked as a duplicate of 44699 ***