phrase "UNTRUSTED good signature" is dangerously misleading

Werner Koch wk at
Sun Jul 14 09:40:56 CEST 2013

On Sun, 14 Jul 2013 06:01, rjh at said:

> If you want this to happen, the proper way to go forward is to convince
> the GnuPG developers to change the way GnuPG talks about ownertrust,
> good signatures versus verified signatures, and so on.  If GnuPG makes

We already did this many years ago.  Actually I can't find the phrase
the OP complained about.  Here is an example checking a signature using
a different account.  The key has been freshly imported:

  gpg: Signature made Thu Dec 20 20:48:35 2012 CET using RSA key ID 4F25E3B6
  gpg: Good signature from "Werner Koch (dist sig)"
  gpg: WARNING: This key is not certified with a trusted signature!
  gpg:          There is no indication that the signature belongs to the owner.
  Primary key fingerprint: D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6

It seems that Enigmail creates the string.  Looking at the output of GPA

  |4F25E386|Key NOT valid|Werner Koch (dist sig)|Uncertain signature ...|

If the key is valid (trusted), it would be

  |4F25E386|valid|Werner Koch (dist sig)|Good signature ...|

GPA uses the GPGME library which provides the needed information.  Thus
the code is pretty simple:

  if (data->summary & GPGME_SIGSUM_VALID)
      text = _("Valid");
      color = "green";
  else if (data->summary & GPGME_SIGSUM_RED)
      text = _("Bad");
      color = "red";
  else if (data->summary & GPGME_SIGSUM_KEY_MISSING)
      text = _("Unknown Key");
      color = "red";
  else if (data->summary & GPGME_SIGSUM_KEY_REVOKED)
      text = _("Revoked Key");
      color = "red";
  else if (data->summary & GPGME_SIGSUM_KEY_EXPIRED)
      text = _("Expired Key");
      color = "orange";
      /* If we arrived here we know the key is available, the signature is
       * not bad, but it's not completely valid. So, the signature is good
       * but the key is not valid. */
      text = _("Key NOT valid");
      color = "orange";

Thus GPA explicitly talks about the key and not about the signature if
there are problems with the key. IIRC, KMail does something very similar.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list