Version: 1.8.91 (using KDE 3.4.90 (alpha1, >= 20050806), compiled sources) Compiler: Target: i486-linux-gnu OS: Linux (i686) release 2.6.11-1-k7 When I get a signed message and gpg doesn't have the public key to verify that signature, kmail shows in the yellow area: > Message was signed with unknown key 0xXXXXXXXXXXXXXXXX. > The validity of the signature cannot be verified. > Status: No public key to verify the signature It would be nice if kmail could have an easy way (maybe the key id as a clickable link) to download the public key with gpg.
KMail is intentionally not designed to provide full key management functionality. Please use a program like KGPG for the key management instead. To automatically retrieve keys from keyservers, you can configure your GPG to do so ("keyserver-options auto-key-retrieve" in gpg.conf).
> KMail is intentionally not designed to provide full key management > functionality. Please use a program like KGPG for the key management > instead. To automatically retrieve keys from keyservers, you can configure > your GPG to do so ("keyserver-options auto-key-retrieve" in gpg.conf). Sure, but the normal user doesn't know neither KGPG nor how to configure gpg manually (ie, editing by hand the config file). And what about the confort to receive a signed mail, click Retrieve Key and, voila!, the key is fetched? I admit that sometimes could be quite boring do select key, copy, open kgpg, open the server dialog, paste the key, click import wait for the importing, return to kmail and finally reload the message to have the sign verified. And also for the normal user that could be boring. Other mail clients provide a similar function, so why not kmail?
I also think it would be a great thing to have two options : - retrieve gpg key from kgpg or - open this key for edition in Kgpg if it's already in the db People who are subscribed to developing mailing lists just have to keep importing manually all the time. That would be a great feature
May also be useful design a tool wich will try to download the selected key from multiple servers.
I second this request. It would be a nice feature if KMail would download unknown keys from the keyserver. The gpg-agent could do it with --recv-keys.
Created attachment 15237 [details] Helper perl script for downloading keys It is of course not like full KMail gui support, but is still helpful. You can download the attached Perl script, and set up a manual filter in KMail in the following way: Filter criteria: size >= 0 Filter actions: _Execute command_: /path/to/script/extract-key-id.pl (Do not pipe through the script, otherwise you'll lose the email) And in the Advanced tab: Check "if this filter matches, stop processing here..." The script tries to parse the email message (only handles signed emails, no decryption) and extract key ids from the signature fields. Then, it calls the gpg executable to actually download the keys from the server. The script is quite primitive, and only supports the most basic format of signature strings. Nevertheless it works OK with the mails I receive.
*** This bug has been marked as a duplicate of 80066 ***