[Kolab-devel] [issue3077] Warning when encrypting email to untrusted OpenPGP recipients should always come

Bernhard Reiter kolab-issues at intevation.de
Thu Sep 25 12:42:43 CEST 2008


New submission from Bernhard Reiter <bernhard at intevation.de>:

Kontact Version 1.2.9 (enterprise35 20080919.862683),        
when sending an email to untrusted OpenPGP keys       
you'll get a warning, this warning should always come.       
(Thus _no_ Do not show this again button!)       
       
this means the following kontactrc entry shall not be effective      
(nor there):      
| [Notification Messages]      
| not fully trusted encryption key warning=false      
     
Rationale: This is a security problem to completely disable this warning.     
There are other ways to overcome the annoyance for certain keys:    
a) build a trust path      
   a1) fully sign the key directly     
   a2) build a trust chain through the web of trust   
http://pgp.cs.uu.nl/mk_path.cgi   
b) locally sign the key in question    
     
Other information:    
Currently this warning can be switched on again, by switching all   
warning on again on the email settings -> security -> Warnings page    
on the lower right.

----------
assignedto: till
messages: 16804
nosy: bernhard, ludwig, till, vkrause
priority: bug
status: unread
title: Warning when encrypting email to untrusted OpenPGP recipients should always come
topic: kde client, kowi, prokde35
___________________________________________________
Kolab issue tracker <kolab-issues at intevation.de>
<https://www.intevation.de/roundup/kolab/issue3077>
___________________________________________________




More information about the devel mailing list