Invalid signatures in Evo2

Alexander Dalloz ad+lists at uni-x.org
Thu Nov 18 16:47:55 UTC 2004


Am Do, den 18.11.2004 schrieb Paul Howarth um 10:02:

> > Back again with (probably) another configuration nit. Since upgrading
> > from FC1 w/Evolution 1.4.2 to FC3 w/Evolution 2.0.2, I've noticed that
> > all the digital signatures on this list are now flagged as invalid. I

> Evo will report the signature as invalid if you don't have the signer's
> public key in your keyring.
> 
> Try clicking on the icon at the left end of the "signature" bar where
> it's saying the signature is invalid. A "Security Information" box will
> appear, and one of the lines will read "gpg: Signature made ...
> using ... key ID xyz" You need to add that key to your keyring to be
> able to check the signature.
> 
> $ gpg --recv-key xyz
> 
> Next time you see a signature from that poster, it should say "Valid
> signature" for their mail, though it will probably also say "cannot
> verify sender". That's another discussion though ;-)
> 
> Paul.

You can let that job done automagically by editing the ~/.gnupg/gpg.conf
file and activating following line

keyserver-options auto-key-retrieve

If you then click on the signature icon within a mail using Evolution
gpg will start fetching the public key if the key is not already hold in
the public keyring. This does not mean, that you automatically trust the
foreign key! Paul said so with his hint for the "cannot verify sender"
message. 

Setting a desired keyserver address can be useful too.

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.8-1.521smp 
Serendipity 17:45:14 up 19:31, 16 users, 0.15, 0.45, 0.39 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041118/74b7c37c/attachment-0001.sig>


More information about the fedora-list mailing list