Bug 278973

Summary: Signature check doesn't check against From: e-mail address
Product: [Applications] kmail2 Reporter: Bernd Paysan <bernd.paysan>
Component: cryptoAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED FIXED    
Severity: normal CC: sknauss
Priority: NOR    
Version: 2.1.0   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed In:

Description Bernd Paysan 2011-07-31 21:54:41 UTC 
Version:           2.1.0 (using KDE 4.7.0) 
OS:                Linux

Send a signed e-mail from a new account, and use the old PGP key without adding the new e-mail account to the list. This will show up as "green" at the receiver side, since the signature itself is valid, but there's no check against the e-mail originator. Click on "details" shows only the main e-mail address, so when the key is used for a bunch of different addresses, this is still misleading.

Reproducible: Always

Steps to Reproduce:
Send a signed e-mail from a new account, and use the old PGP key without adding the new e-mail account to the list - or any other PGP key that doesn't correspond to the account.

Actual Results:  
Signature check says "ok", message in green.

Expected Results:  
Signature checks says "ok" for the actual mail content, but should warn about discrepancy between e-mail address and public key - message should be in red. Just imagine a browser would report green on SSL when the site "ebay.com" presents a valid certificate for "3vi1.h4ck0r.com".

Haven't checked, but seems to be that this problem has been there for ages. To be honest, Thunderbird/enigmail has the same bug.
Comment 1 Sandro Knauß 2013-11-25 00:19:50 UTC 
4.11.4 shows "Signed by you@example.com." in green so you see one one view who has signed it. In the end you want to be sure that the content is written by the user behind you@example.com, if he uses a different emailaddress to transfer the content is not that important in my eys.
Comment 2 Bernd Paysan 2013-11-25 00:33:03 UTC 
(In reply to comment #1)
> 4.11.4 shows "Signed by you@example.com." in green so you see one one view
> who has signed it. In the end you want to be sure that the content is
> written by the user behind you@example.com, if he uses a different
> emailaddress to transfer the content is not that important in my eys.

Yes, that seems to good enough.