Version: (using KDE KDE 3.5.5) Installed from: Ubuntu Packages OS: Linux In GPG (openPGP) you can attach multiple user ids to the same private signing key (e.g. because you are ONE person but have more than one email address). Unfortunatly, when kmail receives a message signed by such a key, the validation warning does not display the user id (identity) matching the sender's address, but the first listed in the key's record, which is quite confusing... For example : John Doe has two user ids attached to its key : (1)john doe <webmaster@acme.com> and (2)john doe <john@doe.com> If a receive a message from john@doe.com, Kmail says : "Message was signed by webmaster@acme.com" which is absolutly confusing... Thank you, Romuald Texier
Even worse : if I have only signed the certificate for john@doe.com and if I receive a mail from john@doe.com, KMail will actually say "Message was signed by webmaster at acme.com" and "The signature is valid, but the key's validity is unknown" instead of "Message was signed by john@doe.com" and "The signature is valid, and the key is fully trusted". Thank you, RT
I can confirm this behaviour. It's extremely confusing and unless someone was aware of all your email addresses, might make people think that the email was signed by someone else. Thanks.
Thank you for taking the time to file a bug report. KMail2 was released in 2011, and the entire code base went through significant changes. We are currently in the process of porting to Qt5 and KF5. It is unlikely that these bugs are still valid in KMail2. We welcome you to try out KMail 2 with the KDE 4.14 release and give your feedback.