Thunderbird dealing with signed messages and mailing lists [was: Re: Best practices for obtaining a new GPG certificate]

Daniel Kahn Gillmor dkg at
Wed Mar 24 02:27:28 CET 2021

On Fri 2021-03-19 15:30:51 -0700, Mark via Gnupg-users wrote:
> It also has issues with signed messages and lists. For example you
> signed this message but it says "uncertain digital signature".  I don't
> remember this being an issue in the older TB/Enigmail.

Signed messages on mailing lists that modify message bodies (and
headers) in the way that gnupg-users at does should *not* show as
a valid digital signature.

for a bit more information on the problem, and
for a proposed method for MUAs to responsibly render such a message.


PS fwiw, "uncertain digital signature" probably shouldn't show at all in
   any reasonable end-user-facing MUA unless the user is in some sort of
   special-cased debug mode.  In typical operation, a message either is
   protected by a valid signature or it is not.  Displaying an
   intermediate status like "uncertain" is likely only to cause
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list