phrase "UNTRUSTED good signature" is dangerously misleading
infinity0 at gmx.com
Sun Jul 14 12:14:16 CEST 2013
On 14/07/13 08:40, Werner Koch wrote:
> On Sun, 14 Jul 2013 06:01, rjh at sixdemonbag.org said:
>> If you want this to happen, the proper way to go forward is to convince
>> the GnuPG developers to change the way GnuPG talks about ownertrust,
>> good signatures versus verified signatures, and so on. If GnuPG makes
> We already did this many years ago. Actually I can't find the phrase
> the OP complained about. Here is an example checking a signature using
> a different account. The key has been freshly imported:
> gpg: Signature made Thu Dec 20 20:48:35 2012 CET using RSA key ID 4F25E3B6
> gpg: Good signature from "Werner Koch (dist sig)"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the owner.
> Primary key fingerprint: D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
I can also confirm this; it does indeed appear the bad phrase originates from
Enigmail and not GnuPG, or perhaps something that sits in between the two.
For the GnuPG warning, I think the "This key is not certified with a trusted
signature!" is succinct and technically accurate. However the follow-up
explanation (and there ought to be a follow-up) could still be confusing to
non-techies, and does not suggest a course of action.
Perhaps something like:
gpg: WARNING: This key is not certified with a trusted signature!
gpg: It may not actually belong to e.g. <first UID>.
gpg: See keysigning(7) for guidance on how to fix this.
so that it actually communicates to the user it's a problem to be fixed, rather
than an un-actionable warning. It's analogous to certificate warnings in
browsers; I imagine you guys can take some inspiration from those. I would even
go so far as to not exit 0 in this situation, but that might break existing
> It seems that Enigmail creates the string. Looking at the output of GPA
> |4F25E386|Key NOT valid|Werner Koch (dist sig)|Uncertain signature ...|
> If the key is valid (trusted), it would be
> |4F25E386|valid|Werner Koch (dist sig)|Good signature ...|
> GPA uses the GPGME library which provides the needed information. Thus
> the code is pretty simple:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 897 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-devel