[kmail2] [Bug 469304] New: KMail does not find the key used to sign a message if a signing subkey was used

Wed May 3 10:45:50 BST 2023

https://bugs.kde.org/show_bug.cgi?id=469304

            Bug ID: 469304
           Summary: KMail does not find the key used to sign a message if
                    a signing subkey was used
    Classification: Applications
           Product: kmail2
           Version: 5.22.3
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: crypto
          Assignee: kdepim-bugs at kde.org
          Reporter: kloecker at kde.org
  Target Milestone: ---

SUMMARY
KMail claims that messages signed with a subkey of my own key are signed with
an unknown key.

STEPS TO REPRODUCE
1. You need an OpenPGP certficate with a signing subkey.
2. Sign a message with this key and send it to yourself (or use Send Later to
put it in your outbox).
3. View the message.

OBSERVED RESULT
I have an OpenPGP certficate with a signing subkey that is used to sign my
messages. KMail has no problem signing my messages, but when viewing my
messages KMail says:
> Message was signed on 25.04.23 18:24 with unknown key 0xDB8E020E328C30942060BF21B16F599516474ABA.
> The validity of the signature cannot be verified.
> Status: Good signature

Obviously, this doesn't make any sense because how can the signature be good if
it was signed with an unknown key. It turns out that gpg which is used to
verify the signature very well knows the key, but KMail is not able to find it.

EXPECTED RESULT
KMail should say something like:
> Message was signed by *@ingo-kloecker.de (Key ID: 0xE375339BF4C51840).
> The signature is valid and the key is ultimately trusted.

-- 
You are receiving this mail because:
You are the assignee for the bug.