[kleopatra] [Bug 340144] BUG1: Verify signs signed with subkeys fails.
earthsound at gmail.com
earthsound at gmail.com
Tue Mar 10 17:57:51 GMT 2015
https://bugs.kde.org/show_bug.cgi?id=340144
earthsound at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |earthsound at gmail.com
--- Comment #1 from earthsound at gmail.com ---
I can confirm this behavior. I'm using Kleopatra Version 2.2.0-git945878c
(2014-11-25) downloaded as part of gpg4win 2.2.3 on Windows 7 64-bit.
When I download
https://www.torproject.org/dist/torbrowser/4.5a4/torbrowser-install-4.5a4_en-US.exe
and
https://www.torproject.org/dist/torbrowser/4.5a4/torbrowser-install-4.5a4_en-US.exe.asc,
import the Tor Browser Developers (signing key) [0x4E2C6E8793298290], and
attempt to verify it with Kleopatra, I get this message:
Signed on 2015-02-25 01:55 with unknown certificate
0x5242013F02AFC851B1C736B87017ADCEF65C2036.
The validity of the signature cannot be verified.
When I use gpg 2.0.26 (again, obtained as part of gpg4win), I get the following
output:
gpg: Signature made 02/25/15 01:55:56 Central Standard Time using RSA key ID
F65C2036
gpg: Good signature from "Tor Browser Developers (signing key)
<torbrowser at torproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: 5242 013F 02AF C851 B1C7 36B8 7017 ADCE F65C 2036
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list