When I create an encrypted and signed message, it can be decrypted and verified only by KMail. Other clients can decrypt it but the signature seems invalid. I first experienced this problem in the 3.5 series (I can't remember which version exactly) and it persisted as I upgraded to kde-4.1. Reproducible: Always Steps to Reproduce: 1. Create an encrypted and signed email 2. Send it to yourself 3. See how KMail decrypts and verifies it 4. Find the message in your maildir folder 5. Run: gpg2 <filename> 6. Enter the key's passphrase for decryption 7. Enter the output filename Actual Results: The message is decrypted but the signature is left there, unverified. The message headers are as follows: Content-Type: multipart/signed; boundary="nextPart3542461.iKSYPfKBMc"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit --nextPart3542461.iKSYPfKBMc Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Expected Results: Running gpg2 on a message written using enigmail, I get the following output: gpg: Signature made <timestamp> using DSA key ID <id> gpg: Good signature from <sender> The message headers are as follows: Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable KMail also cannot verify encrypted/signed messages created by enigmail. gpg2, as shown above, verifies them correctly.
Created attachment 172699 [details] emerge --info
I can confirm this, but i have no idea now to fix that. Guys any suggestions/solutions?
Have you set a signature digest algorithm different from sha1 in your gnupg options? If yes, you're hitting kde bug 128784 (fixed in 4.3.5). http://bugs.kde.org/show_bug.cgi?id=128784
closing per comment #3, plz reopen if it is still valid
