Hello, all: I'm not sure if it's a misconfiguration our part, but when GnuPG options are enabled in RT, the UI output is not very useful. E.g., here's what it says for a valid signature:
GnuPG: The signature is good, signed by Foo Bar <[email protected]>, trust level is unknown Here are the reasons it's not useful: Key validity is not shown ------------------------- I don't really want to know the owner-trust level (more often than not it's going to be "unknown"). I want to see what the *key validity* is. These two concepts are very different, but for signed email sent to the tracker you want to see *validity* not *owner-trust*. Key ID is not shown ------------------- "Foo Bar <[email protected]>" is not unique. Anyone can create a PGP key with any name/email they want. What it should show is at least partial hex keyid. To clarify: Each member of my support team is in the RT keyring with their keys fully trusted (owner-trust: full). Users we support have their PGP key signed by one of us, and a lot of incoming requests MUST be signed by a PGP key carrying our signature before we act on them. So: Me (trust:Full; validity:Full) User Foo Bar, key signed by me (trust:Unknown; validity: Full) The pgp output that would be really useful is: GnuPG: Good signature from Foo Bar <[email protected]> Key ID: 0xFFFFFFFF | Validity: Full | Trust: Unknown I just wanted to check if there's perhaps something we've overlooked in the configuration that would let us make output resemble something like that. Best, -- Konstantin Ryabitsev Linux Foundation Collab Projects Montréal, Québec -- RT Training November 4 & 5 Los Angeles http://bestpractical.com/training
