Fwd: Re: Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

Ludwig Hügelschäfer ludwig at enigmail.net
Wed Jun 7 22:23:36 CEST 2017

Hi Stefan,

On 06.06.17 22:19, Stefan Claas wrote:
> On 06.06.17 20:46, Charlie Jonas wrote:
>> On 2017-06-06 19:12, Stefan Claas wrote:
>>> I tried also with Enigmail under OS X but when checking the
>>> signatures here from the list members i always get the blue
>>> "Untrusted Good Signature".
>> Yes I get this as well. Interestingly whatever trust level I give
>> keys, Enigmail on OSX seems to want to make the bar blue
>> regardless.
> Thanks for confirming. Hopefully Ludwig still follows this thread
> and can tell us why it's not working, as expected.

It's working as expected. To get a green bar in Enigmails header
display, the key signing the message has to be at least fully valid. A
key gets valid if you either:

- sign it (whether local or exportable is not relevant)


- it is signed by
  - at least one key you have signed and you have put "full" ownertrust
    on these
  - at least three other keys you have signed and you have put
    "marginal" ownertrust on these

This is the behaviour of the "classic" or "PGP" trust model which is
the default in GnuPG. Enigmail only displays the result.

You may read more about this here:

There's a lot more information about the web of trust out in the web.

Disclaimer: Configuring GnuPG to use the TOFU trust model may change
this behaviour.


BTW: Could you please stop forwarding your replies to the list? Now
there are 6 threads titled "Question for app developers, like Enigmail
etc. - Identicons" on the list. Just click on "Reply to list" when
replying. Thanks.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170607/3b416215/attachment-0001.sig>

More information about the Gnupg-users mailing list