Package: kmail Version: 22.12.2-1 Severity: normal Tags: bookworm sid upstream Forwarded: https://bugs.kde.org/show_bug.cgi?id=465551
SUMMARY I'm using gnupg with an subkey to sign my e-mails. KMail shows following message when a e-mail was signed with the gnugp subkey: "Not enough information to check signature validity." Details message: "Message was signed on <date> with unknown key <keyfingerprint>. The validity of the signature cannot be verified. Status: Good signature" Expected STEPS TO REPRODUCE 1. Create e-mail in composer, with signing active (using an gnupg key with an signing only subkey) 2. save e-mail as draft (just for simplicity - sending the mail to yourself would also work) 3. Open draft email (preview - not the editing) OBSERVED RESULT KMail shows an orange border with following message when a e-mail was signed with the gnugp subkey: "Not enough information to check signature validity." Details message: "Message was signed on <date> with unknown key <keyfingerprint>. The validity of the signature cannot be verified. Status: Good signature" EXPECTED RESULT Showing an green border. This is also the result I see in Debian bullseye with gpg 2.2.27-2, kmail 20.08.3 and 5.20.5 ADDITIONAL INFORMATION The log output when "Write server mode logs to FILE" is configured shows following Information when the signed e-mail is opened: 2023-02-10 17:06:11 gpg[1848451] armor: BEGIN PGP SIGNATURE 2023-02-10 17:06:11 gpg[1848451] Signature made Do 22 Dez 2022 11:53:36 CET 2023-02-10 17:06:11 gpg[1848451] using RSA key <keyfingerprint> 2023-02-10 17:06:11 gpg[1848451] using subkey <subkeyid> instead of primary key <primarykeyid> 2023-02-10 17:06:11 gpg[1848451] using subkey <subkeyid> instead of primary key <primarykeyid> 2023-02-10 17:06:11 gpg[1848451] using classic trust model 2023-02-10 17:06:11 gpg[1848451] key <primarykeyid>: accepted as trusted key 2023-02-10 17:06:11 gpg[1848451] Good signature from "<name + e-mail address>" [ultimate] 2023-02-10 17:06:11 gpg[1848451] using subkey <subkeyid> instead of primary key <primarykeyid> 2023-02-10 17:06:11 gpg[1848451] binary signature, digest algorithm SHA256, key algorithm rsa4096 2023-02-10 17:06:11 gpg[1848454] using character set 'utf-8' 2023-02-10 17:06:11 gpg[1848454] using classic trust model 2023-02-10 17:06:11 gpg[1848454] key <primarykeyid>: accepted as trusted key So gnupg itself uses the subkey to verify the signature Additional information. When I click on the <keyfingerprint> link inside the details message "Message was signed on <date> with unknown key <keyfingerprint>" an kleopatra window opens and shows the correct gnupg key/certificate. It seems that only kmail cannot find the correct gnugpg key/certificate via an gnupg subkey fingerprint
