A bug in version 1.2.1?

Michael Nahrath gnupg-users@nahrath.de
Wed Dec 11 10:57:02 2002


Alexandros Papadopoulos <apapadop@cmu.edu> schrieb am 2002-12-11 07:23 Uhr:

> On Tuesday 10 December 2002 21:47, engage wrote:
>> When I try to encrypt a message within Kmail, I get a window for
>> verifying/selecting keys. Even though I have that person's key on the
>> keyring and even though it shows that person's key in the window, I
>> can't encrypt to that person or even select the appropriate key.
>> However, I can encrypt from the CLI. Is it a Kmail 1.4.3 (KDE 3.x)
>> bug or a GPG 1.2.1 bug?
> 
> You need to at least lsign the key. Assign NO trust if you like, but
> KMail will not let you encrypt to a key you have not signed.

Are the Kmail authors informed?
When will they fix this severe bug?

Forcing users to sign keys without proof of the owner's identity, just to
trick their software, is BAD.

There may be warnings ("You have no trustpath to this key that indicates its
validity. Use anyway? [[cancel]] [OK]") or a pref to switch this off.

Greeting, Michi