Am Samstag, den 20.02.2016, 20:57 +0100 schrieb Stig Roar Wangberg: (...) > > > > > > Everything is working just fine now! I'm very pleased with > > > > > > Evolution. > > > > > > But what does it mean when it says that the signature is valid, but > > > > > > cannot confirm the sender (I don't know the exact wording in > > > > > > English)? > > > > > > > > > > I think it is the same what I see here: > > > > > Signatur existiert, jedoch wird der öffentliche Schlüssel benötigt. > > > > > or > > > > > gpg: Signatur am Sa 20 Feb 2016 16:56:34 CET mit RSA Schlüssel, ID > > > > > 7C174863, erfolgt. > > > > > gpg: Unterschrift kann nicht geprüft werden: Öffentlicher Schlüssel > > > > > nicht gefunden. > > > > > > > > > > I haven't checked the English UI but it could there sound like: > > > > > Signature exists but the public key however is needed/required. > > > > > or > > > > > gpg: Signature at the Sa 20 Feb 2016 16:56:34 CET with RSA key, ID > > > > > 7C174863, is carried out. > > > > > gpg: Signature cannot be checked: Public key not found. > > > > > > > > Oh, I was expecting this from others, like when I don't trust or sign > > > > their keys. Hm. I didn't expect from my own private key. So I have to > > > > sign and trust my own key too! Like gpg --sign, and level of trust. I > > > > wonder if I should trust myself with level 5 ... ;) > > > > > > > > > I did a gpg --edit-key, ran the check and it was already self-signed. So > > > I did the trust in addition. This is the first time I trust myself. ;) > > > So this is the correct procedure, right? If so I learned something new. > > > Again! > > > > > ... still no public key provided :-( > > So the public key are supposed to follow the signature? Is that the > purpose of a signature? In that case there must be some settings I've > missed. I see signings all the time, without any public keys. I guess > people just look them up on a key-server. > > I would like to know this myself, so if anyone could clarify, please.
I don't think it's a problem of sequence. I only see that lots of messages seem to contain sender's signature AND public key because I have lots of certificates from my contacts - which have been imported somehow automatically by my Evolution without me acting. So I see directly, that these are valid. Remark, that most of these mails are sent via Microsoft Infrastructure. Purpose of a signature should be clear ? You give your addressees the possibility to make sure that the message comes directly from you, only from you, noone else but you ;-) As written above I don't know Evolution's possibilities of handling this as I don't sign private mails. In the settings for security there seems to be no attempt !?? "Just" look up the public key on a key-server might be another way. But once having done this, the public key should be imported into Evolution to save time when receiving mail from this sender next time. _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
