https://bugzilla.novell.com/show_bug.cgi?id=209339
Summary: KMail signature check problem Product: SUSE Linux 10.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: KDE AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: suse-beta@cboltz.de QAContact: kde-maintainers@suse.de
KMail showed me the following error message when checking the signature of a mail with Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1;
The message in the main window was:
Nicht genügend Informationen zur Überprüfung der Signatur vorhanden: [Details] Status: Keine Status-Informationen verfügbar.
translated: not enough information to check the signature: [details] status: no status information available
Clicking [Details], I see the following message:
Fehler - Kleopatra Das Krypto-Modul lässt sich nicht initialisieren. Der Zertifikatsmanager wird jetzt beendet.
translated: error - Kleopatra The crypto module can't be initialized. The certificate manager will be terminated now.
I see two problems here:
a) the failed signature check Unfortunately, I don't know why it happens. What I can tell is that I have seen it some days ago with another mail (dunno if it was the same sender). KMail prints on stdout/stderr: gpgmeplug checkMessageSignature status flags: 0 gpgmeplug checkMessageSignature found email: lists@norrbring.se gpgmeplug checkMessageSignature found email: lists@norrbring.se
b) despite of the failed signature check, the mail gets a green border like mails with valid (but non-trusted) signatures. I consider this more critical than the failed signature check because it can make people believe the signature is valid. -> I would expect a yellow border because the signature can't be checked.
I'm using KDE and KMail from 10.1 + online updates.
https://bugzilla.novell.com/show_bug.cgi?id=209339
------- Comment #1 from suse-beta@cboltz.de 2006-09-30 09:34 MST ------- Created an attachment (id=100005) --> (https://bugzilla.novell.com/attachment.cgi?id=100005&action=view) screenshot (with [Details] message open)
https://bugzilla.novell.com/show_bug.cgi?id=209339
------- Comment #2 from suse-beta@cboltz.de 2006-09-30 09:35 MST ------- Created an attachment (id=100006) --> (https://bugzilla.novell.com/attachment.cgi?id=100006&action=view) the mail causing this problem
https://bugzilla.novell.com/show_bug.cgi?id=209339
aj@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |kde-maintainers@suse.de |screening@forge.provo.novell| |.com |
https://bugzilla.novell.com/show_bug.cgi?id=209339
dmueller@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|kde-maintainers@suse.de |wstephenson@novell.com
https://bugzilla.novell.com/show_bug.cgi?id=209339
wstephenson@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |suse-beta@cboltz.de
------- Comment #3 from wstephenson@novell.com 2007-01-29 13:25 MST ------- Can you reproduce this with 10.2?
Without Anders' public key, on 10.2, I get the same status message but with a yellow border, which is what I would expect.
https://bugzilla.novell.com/show_bug.cgi?id=209339
suse-beta@cboltz.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|suse-beta@cboltz.de |
------- Comment #4 from suse-beta@cboltz.de 2007-01-31 11:36 MST ------- I have seen the "Nicht genügend Informationen zur Überprüfung der Signatur vorhanden:" on 10.2 some days ago - again with _green_ border :-(
And I just checked with the mail in comment #2 (saved as /tmp/mail and opened using File - Open in KMail). The "Nicht genügend Informationen..." and even the details message are the same as in 10.1. And KMail still shows a green border...
ARGH - I just tested with a test user and got a yellow border. So I guess something in my $HOME is wrong. This will make it hard to reproduce for you :-( (If you have an idea which file could cause this: hints are welcome. If you can tell me how to verify the signature manually, I can also test it. However, I don't plan to move away ~/.kde file by file.)
Nevertheless KMail should display a yellow border ;-)
https://bugzilla.novell.com/show_bug.cgi?id=209339
User wstephenson@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=209339#c5
Will Stephenson wstephenson@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |suse-beta@cboltz.de
--- Comment #5 from Will Stephenson wstephenson@novell.com 2007-12-14 07:00:10 MST --- Have you seen this with 10.3?
https://bugzilla.novell.com/show_bug.cgi?id=209339
User suse-beta@cboltz.de added comment https://bugzilla.novell.com/show_bug.cgi?id=209339#c6
Christian Boltz suse-beta@cboltz.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|suse-beta@cboltz.de |
--- Comment #6 from Christian Boltz suse-beta@cboltz.de 2007-12-14 09:51:43 MST --- I'm currently using 10.3 with your test packages from ftp://ftp.suse.com/pub/people/wstephenson/kdepim-enterprise-update-test
The result has changed a bit:
a) existing user
The signature is not checked at all (no colored border). Instead, it's displayed as attachment with description "S/MIME Cryptographic Signature" and type "unknown".
I checked the KMail settings and found that the S/MIME (gpgsm) backend is disabled for whatever reason. Enabled it again.
Result: green border, with text: Es sind nicht genügend Informationen zur Überprüfung der Signatur vorhanden: [Details] Status: Keine Status-Informationen verfügbar. Details ausblenden No Audit Log available
Clicking on the [Details] link, Kleopatra shows a certificate with Subject: CN=Thawte Freemail Member,EMAIL=lists@norrbring.se Valid: From Do Sep 28 23:51:22 2006 to Fr Sep 28 23:51:22 2007 -> Expired
I fetch GPG keys automatically from a keyserver, maybe I got it this way. (It indeed gets auto-fetched - I just verified this by deleting it in Kleopatra. It was back after clicking the mail again.)
Since I now have the certificate, the behaviour is basically OK. I just wonder if the expired certificate should cause a warning.
b) new user
I see the yellow border as expected - but the [Details] link doesn't do anything.
https://bugzilla.novell.com/show_bug.cgi?id=209339
Will Stephenson wstephenson@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Priority|P5 - None |P3 - Medium Summary|KMail signature check problem |kmail3: signature check problem
-
bugzilla_noreply@novell.com