Ubuntu
kdepim package

KMail prevents encryption, if the target key is not ultimately trusted or (locally) signed

Bug #107107 reported by Daniel Hahler
12
Affects Status Importance Assigned to Milestone
KDE PIM
Fix Released
Wishlist
kdepim (Debian)
Fix Released
Unknown
kdepim (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Binary package hint: kdepim

KMail does not allow encryption of mails with keys that are not trusted or (locally) signed.

The KDE upstream bug has some good points, why this is bad behaviour.

Additionally, it has a lot of votes and a rudimentary patch. It would be great if the patch could get improved and applied for Kubuntu.

See original description
Revision history for this message
In , Dato Simó (dato) wrote : Re: Bug#296601: kmail: Does not allow to encrypt to some keys

forwarded 296601 http://bugs.kde.org/44699
thanks

* Timo Weingärtner [Wed, 23 Feb 2005 15:48:07 +0100]:
> Package: kmail
> Version: 4:3.3.2-1
> Severity: important

> With some keys when searching for a key to encrypt a message to the key is
> first shown with yellow over it and when selecting it the key icon turns into
> something with red and the ok button gets greyed out.
> This even happens with keys i have assigned full ownertrust.

> KMail might well issue a warning if it thinks the key is not trusted, but
> finally I AM THE USER and i should decide if i want to encrypt to such a key.

  Yes, this is a known defect in KMail. I and other KDE Debian
  maintainers agree that the user should be able to force the use of a
  key.

  See http://bugs.kde.org/44699 for details (reported in 2002, go
  figure). All I can recommend is that you put some votes in the
  upstream bug report.

  For the moment, you'll have to --lsign the keys you need to use.

  Thanks,

--
Adeodato Simó
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
    Listening to: Javier Krahe - La hoguera

A black cat crossing your path signifies that the animal is going somewhere.
                -- Groucho Marx

Revision history for this message
In , Debian Qt/KDE Maintainers (debian-qt-kde) wrote :

user <email address hidden>
forwarded 296601 http://bugs.kde.org/44699
usertag 296601 =
usertag 296601 + bzStatus-new
thanks

Revision history for this message
In , Pierre Habouzit (madcoder) wrote :
Download full text (26.9 KiB)

user <email address hidden>

forwarded 100894 http://bugs.kde.org/6184
usertag 6184 =
usertag 6184 + bzStatus-new
forwarded 101379 http://bugs.kde.org/32192
usertag 32192 =
usertag 32192 + bzStatus-unconfirmed
forwarded 102462 http://bugs.kde.org/35918
usertag 35918 =
usertag 35918 + bzStatus-unconfirmed
forwarded 111358 http://bugs.kde.org/35921
usertag 35921 =
usertag 35921 + bzStatus-closed
usertag 35921 + bzRes-fixed

forwarded 116824 http://bugs.kde.org/35926
usertag 35926 =
usertag 35926 + bzStatus-resolved
usertag 35926 + bzRes-wontfix

forwarded 116826 http://bugs.kde.org/22723
usertag 22723 =
usertag 22723 + bzStatus-new
forwarded 118834 http://bugs.kde.org/35938
usertag 35938 =
usertag 35938 + bzStatus-new
forwarded 131562 http://bugs.kde.org/48485
usertag 48485 =
usertag 48485 + bzStatus-resolved
usertag 48485 + bzRes-worksforme

forwarded 134368 http://bugs.kde.org/40418
usertag 40418 =
usertag 40418 + bzStatus-new
forwarded 134611 http://bugs.kde.org/54379
usertag 54379 =
usertag 54379 + bzStatus-resolved
usertag 54379 + bzRes-fixed

forwarded 135632 http://bugs.kde.org/37210
usertag 37210 =
usertag 37210 + bzStatus-new
forwarded 141094 http://bugs.kde.org/54329
usertag 54329 =
usertag 54329 + bzStatus-resolved
usertag 54329 + bzRes-fixed

forwarded 141095 http://bugs.kde.org/54330
usertag 54330 =
usertag 54330 + bzStatus-resolved
usertag 54330 + bzRes-fixed

forwarded 143457 http://bugs.kde.org/31055
usertag 31055 =
usertag 31055 + bzStatus-unconfirmed
forwarded 145786 http://bugs.kde.org/62603
usertag 62603 =
usertag 62603 + bzStatus-new
forwarded 146047 http://bugs.kde.org/54382
usertag 54382 =
usertag 54382 + bzStatus-resolved
usertag 54382 + bzRes-fixed

forwarded 147088 http://bugs.kde.org/118123
usertag 118123 =
usertag 118123 + bzStatus-unconfirmed
forwarded 158841 http://bugs.kde.org/66790
usertag 66790 =
usertag 66790 + bzStatus-resolved
usertag 66790 + bzRes-fixed

forwarded 172610 http://bugs.kde.org/59069
usertag 59069 =
usertag 59069 + bzStatus-unconfirmed
forwarded 174560 http://bugs.kde.org/67153
usertag 67153 =
usertag 67153 + bzStatus-new
forwarded 180801 http://bugs.kde.org/54845
usertag 54845 =
usertag 54845 + bzStatus-new
forwarded 180894 http://bugs.kde.org/71338
usertag 71338 =
usertag 71338 + bzStatus-reopened
forwarded 183281 http://bugs.kde.org/66020
usertag 66020 =
usertag 66020 + bzStatus-new
forwarded 185034 http://bugs.kde.org/66050
usertag 66050 =
usertag 66050 + bzStatus-new
forwarded 185116 http://bugs.kde.org/59599
usertag 59599 =
usertag 59599 + bzStatus-new
forwarded 185957 http://bugs.kde.org/70053
usertag 70053 =
usertag 70053 + bzStatus-resolved
usertag 70053 + bzRes-fixed

forwarded 186150 http://bugs.kde.org/28321
usertag 28321 =
usertag 28321 + bzStatus-new
forwarded 186164 http://bugs.kde.org/33372
usertag 33372 =
usertag 33372 + bzStatus-new
forwarded 187339 http://bugs.kde.org/43366
usertag 43366 =
usertag 43366 + bzStatus-new
forwarded 187887 http://bugs.kde.org/66049
usertag 66049 =
usertag 66049 + bzStatus-new
forwarded 190033 http://bugs.kde.org/66318
usertag 66318 =
usertag 66318 + bzStatus-resolved
usertag 66318 + bzRes-duplicate

forwarded 192045 http://bugs.kde.org/6604...

Revision history for this message
In , Pierre Habouzit (madcoder) wrote : btspull automated mail
Download full text (115.6 KiB)

user <email address hidden>
forwarded 85437 http://bugs.kde.org/show_bug.cgi?id=20186
tags 85437 + upstream fixed-upstream
usertags 85437 + status-CLOSED resolution-FIXED
tags 223708 + upstream fixed-upstream
usertags 223708 + status-CLOSED resolution-FIXED
forwarded 85443 http://bugs.kde.org/show_bug.cgi?id=20187
tags 85443 + upstream fixed-upstream
usertags 85443 + status-CLOSED resolution-FIXED
forwarded 100894 http://bugs.kde.org/show_bug.cgi?id=6184
tags 100894 + upstream
usertags 100894 + status-NEW
tags 215400 + upstream
usertags 215400 + status-NEW
tags 94567 + upstream wontfix
usertags 94567 + status-RESOLVED resolution-WONTFIX
forwarded 101379 http://bugs.kde.org/show_bug.cgi?id=32192
tags 101379 - wontfix
tags 101379 + upstream
usertags 101379 + status-UNCONFIRMED
usertags 154184 + status-RESOLVED resolution-FIXED
forwarded 102462 http://bugs.kde.org/show_bug.cgi?id=35918
usertags 102462 + status-UNCONFIRMED
forwarded 262988 http://bugzilla.kernel.org/show_bug.cgi?id=4532
tags 262988 + upstream fixed-upstream
usertags 262988 + status-CLOSED resolution-CODE_FIX
tags 132860 + upstream wontfix
usertags 132860 + status-RESOLVED resolution-WONTFIX
usertags 226824 + status-ASSIGNED
tags 221999 + upstream fixed-upstream
usertags 221999 + status-RESOLVED resolution-WORKSFORME
forwarded 103201 http://bugs.kde.org/show_bug.cgi?id=28072
tags 103201 + fixed-upstream
usertags 103201 + status-RESOLVED resolution-FIXED
usertags 169092 + status-NEW
tags 251067 + upstream
usertags 251067 + status-NEW
tags 144907 + upstream
usertags 144907 + status-ASSIGNED
forwarded 111358 http://bugs.kde.org/show_bug.cgi?id=35921
tags 111358 + upstream fixed-upstream
usertags 111358 + status-CLOSED resolution-FIXED
usertags 297529 + status-NEW
tags 223738 + upstream fixed-upstream
usertags 223738 + status-RESOLVED resolution-WORKSFORME
forwarded 116824 http://bugs.kde.org/show_bug.cgi?id=35926
usertags 116824 + status-RESOLVED resolution-WONTFIX
tags 180740 + upstream
usertags 180740 + status-REOPENED
usertags 169146 + status-NEW
tags 223928 + upstream fixed-upstream
usertags 223928 + status-RESOLVED resolution-WORKSFORME
usertags 190690 + status-UNCONFIRMED
tags 266542 + upstream
usertags 266542 + status-NEW
forwarded 116826 http://bugs.kde.org/show_bug.cgi?id=22723
usertags 116826 + status-NEW
tags 311758 + upstream
usertags 311758 + status-RESOLVED resolution-CODE_FIX
tags 303074 + upstream fixed-upstream
usertags 303074 + status-RESOLVED resolution-WORKSFORME
tags 196814 + upstream
usertags 196814 + status-NEW
tags 48602 + upstream wontfix
usertags 48602 + status-RESOLVED resolution-WONTFIX
tags 201323 + upstream
usertags 201323 + status-NEW
tags 238290 + upstream
usertags 238290 + status-NEW
forwarded 231017 https://bugzilla.icculus.org/show_bug.cgi?id=952
usertags 231017 + status-ASSIGNED
usertags 321403 + status-ASSIGNED
forwarded 118834 http://bugs.kde.org/show_bug.cgi?id=35938
usertags 118834 + status-NEW
usertags 200342 + status-NEW
tags 206744 + fixed-upstream
usertags 206744 + status-RESOLVED resolution-FIXED
tags 280412 + fixed-upstream
usertags 280412 + status-RESOLVED resolution-FIXED
tags 310141 + upstream
usertags 310141 + statu...

Revision history for this message
In , Timo =?iso-8859-15?q?Weing=E4rtner?= (timo-tiwe) wrote : Re: Bug#296601: kmail: Does not allow to encrypt to some keys

found 3.5.2-1
thanks

Am Mittwoch, 23. Februar 2005 22:07 schrieb Adeodato Simó:
> See http://bugs.kde.org/44699 for details (reported in 2002, go
> figure). All I can recommend is that you put some votes in the
> upstream bug report.

Comment #20 [1] has a minimalist solution to this.
Please apply.

Timo

[1] http://bugs.kde.org/show_bug.cgi?id=44699#c20

Revision history for this message
Daniel Hahler (blueyed) wrote :

Binary package hint: kdepim

KMail does not allow encryption of mails with keys that are not trusted or (locally) signed.

The KDE upstream bug has some good points, why this is bad behaviour.

Additionally, it has a lot of votes and a rudimentary patch. It would be great if the patch could get improved and applied for Kubuntu.

Bug Watch Updater (bug-watch-updater)
Changed in kdepim:
status: Unknown → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in kdepim:
status: Unknown → Confirmed
Revision history for this message
Rastloser (rastloser) wrote :

Confirming this on Kubuntu Feisty. Although this may be bad behaviour, I'd prefer if I was given the chance to shoot myself in the foot :-) Warning messages exist.

Changed in kdepim:
status: Unconfirmed → Confirmed
Revision history for this message
Ryan Kavanagh (ryanakca) wrote :

Quick work around without signing, in KGPG, set the key's trust to 'Ultimate'.

Changed in kdepim:
importance: Undecided → Medium
Revision history for this message
otzenpunk (reisswolf-nospam) wrote :

> It would be great if the patch could get improved and applied for Kubuntu.

I second that. The point of the KDE developers is really annoying: Because there is the small possibillity of a mitm-attack you shouldn't be allowed to send encrypted mail to keys you didn't sign, but if you really want to, you could do anyway by applying one or another complicate workaround that as a side-effect could be harmful to the web of trust.

This should be patched. And the KDE developers at least don't seem reluctant to incorporate such fix:
"General reply: We do not have the time/resources to implement this low-priority wish, but if someone provides an acceptable patch we'll consider it for inclusion."

Revision history for this message
Henning Moll (drscott) wrote :

I don't understand the point of view of those kde developers. Kgpg, which is part of 'official' KDE already has this feature: 'Allow encryption with untrusted keys'. So please remove that inconsistency... ;-)

Revision history for this message
LimCore (limcore) wrote :

@ otzenpunk - You ment probably to say aboyt keys that you didn't TRUST (not ones that you didn't signed).

</picky>

Revision history for this message
otzenpunk (reisswolf-nospam) wrote :

@LimCore:
No, I didn't. As it's written in the corresponding KDE bug there are two ways to send mail to random people you meet on the internet. Either you sign their keys without actually verifying their identity, or you set the trust level to "ultimate" although you'd really trust them just partially or not at all. I referred to the first possibility.

Though I have to admit, that I don't use kmail und I even haven't installed KDE on my computer. I just happened to stumble upon a thread in the German Ubuntu forum where a couple of users had this problem and I wanted to help. While researching I found this bug, read it and the related KDE and Debian bugs and expressed an opinion.

Revision history for this message
Henning Moll (drscott) wrote :

good news: ( http://bugs.kde.org/show_bug.cgi?id=44699#c40 )
> We changed this behavior for 3.5.9 (as part of the enterprise branch changes).

Revision history for this message
Daniel Hahler (blueyed) wrote :

Does not work for me.. commented on the upstream/KDE bug.

Revision history for this message
Harald Sitter (apachelogger) wrote :

What is the status of this in KDE 4.1.1?

Changed in kdepim:
status: Confirmed → Incomplete
Richard Birnie (rbirnie-deactivatedaccount)
Changed in kdepim:
importance: Medium → Wishlist
Revision history for this message
Nathan Handler (nhandler) wrote :

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!

Changed in kdepim:
status: Incomplete → Invalid
Revision history for this message
In , Antonis Tsiapaliokas (kok3rs) wrote : Wishlist not a bug

#this is not a bug but a wishlist.check that
http://bugs.kde.org/show_bug.cgi?id=44699
severity 296601 wishlist
thanks

Revision history for this message
In , Ana Beatriz Guerrero López (ana) wrote : severity of 296601 is important

severity 296601 important
thanks

Revision history for this message
kaputtnik (kaputtnik-deactivatedaccount) wrote :

In KDE4.5.1 this bug does not exist.

Getting an E-Mail with a key, import the key to Kgpg, not signing or trusting, Answering the mail it will automatically be encrypted.

When trying to send this mail an additionally warning about untrusted key is shown -> http://media.cdn.ubuntu-de.org/forum/attachments/2620419/kmail_warnung.png

Bug Watch Updater (bug-watch-updater)
Changed in kdepim:
importance: Unknown → Wishlist
Revision history for this message
Henning Moll (drscott) wrote :

can't reproduce with kmail 1.13.5. As kaputtnik reported a warning is displayed but the user can proceed.

Bug Watch Updater (bug-watch-updater)
Changed in kdepim:
status: Confirmed → Fix Released
Revision history for this message
Daniel Hahler (blueyed) wrote :

Marking fixed in Ubuntu.

Changed in kdepim (Ubuntu):
status: Invalid → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in kdepim (Debian):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.