[kleopatra] [Bug 322664] Result of file signature verification is misleading/confusing
Tails
tails at boum.org
Sun Sep 21 16:00:58 BST 2014
https://bugs.kde.org/show_bug.cgi?id=322664
Tails <tails at boum.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tails at boum.org
--- Comment #1 from Tails <tails at boum.org> ---
I'm part of the people developing Tails, a live system for privacy and online
anonymity:
https://tails.boum.org/
We recommend Kleopatra for our users to verify our ISO images:
https://tails.boum.org/doc/get/verify_the_iso_image_using_other_operating_systems/
But this message has proven to be very confusion to our users. To the point
that we added it to our documentation explaining that things are actually
all-right when you get that message.
I agree with maddinster at gmail.com in the sense that this message shouldn't
question the signature validity: when it happens the signature is indeed valid.
But mention that this is a valid signature by a key which hasn't been verified.
I think that the way to fix this is to get closer to the original GnuPG
message, which is more accurate in this case. This could be something link
this:
Good signature from "John Doe <john at doe.com>"
Signature made Mon 02 May 2014 00:12:54 CEST
WARNING: This key is not certified with a trusted signature!
There is no indication that the signature belongs to the
owner.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list