GNOME Bugzilla – Bug 753127
evolution: fails to make correct DSA signatures
Last modified: 2019-11-12 17:37:23 UTC
This is Debian-Bug # 794231 : Package: evolution Version: 3.12.9~git20141130.241663-1+b1 Severity: normal Dear Maintainer, I have been using Evolution for some months, there also sowed up some problems, that I reported. Recently I found, that the mail-signatures it makes are not correct and cannot be verified by other clients. Evolution itself is unaware of the problem, it doesn't show problems with it's signatures, but when mailing out to Thunderbird/Enigmail for example, the signature cannot be verified. I am usind a DSA/ElGamal-Key, that was generated by seahorse. That is why this is not merely a wishlist-item, like 'DSA-support missing for signing mail-messages', but in fact this is a feature that needs to be there, because seahorse is part of the GNOME-desktop as well as Evolution, and it is the default tool for generating GnuPG-keys, when not doing it manually on the terminal. My key is the one belonging to andreas.glaeser@irregulaire.info: Fingerprint: 7C35 8ECD 7C3C 90B5 70FC 02C5 99B6 DD31 6A93 64C6 The public part is available from keyservers. - -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.7-ckt11-aedl (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages evolution depends on: ii dbus 1.8.18-0+deb8u1 ii debconf [debconf-2.0] 1.5.56 ii evolution-common 3.12.9~git20141130.241663-1 ii evolution-data-server 3.12.9~git20141128.5242b0-2+deb8u2 ii gnome-icon-theme 3.12.0-1 ii libatk1.0-0 2.14.0-1 ii libc6 2.19-18 ii libcamel-1.2-49 3.12.9~git20141128.5242b0-2+deb8u2 ii libclutter-gtk-1.0-0 1.6.0-1 ii libecal-1.2-16 3.12.9~git20141128.5242b0-2+deb8u2 ii libedataserver-1.2-18 3.12.9~git20141128.5242b0-2+deb8u2 ii libevolution 3.12.9~git20141130.241663-1+b1 ii libglib2.0-0 2.42.1-1 ii libgtk-3-0 3.14.5-1 ii libical1a 1.0-1.3 ii libnotify4 0.7.6-2 ii libsoup2.4-1 2.48.0-1 ii libwebkitgtk-3.0-0 2.4.8-2 ii libxml2 2.9.1+dfsg1-5 ii psmisc 22.21-2 Versions of packages evolution recommends: ii bogofilter 1.2.4+dfsg1-3 ii evolution-plugins 3.12.9~git20141130.241663-1+b1 ii spamassassin 3.4.0-6 ii yelp 3.14.1-1 Versions of packages evolution suggests: pn evolution-ews <none> pn evolution-plugins-experimental <none> ii gnupg 1.4.18-7 ii network-manager 0.9.10.0-7 - -- debconf information: evolution/kill_processes: evolution/needs_shutdown: -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlW7cXcACgkQ5+rBHyUt5wv0YQCfX67pL+X6fDxILHiqBmjkNI8X h/0An0C2es68Uic3XLv96Fu0Oc5C0zsC =W0Pk -----END PGP SIGNATURE-----
> when mailing out to Thunderbird/Enigmail for example, > the signature cannot be verified. Which other mailers were tested? Wondering if this is Evolution/Seahorse behaving weirdly or Enigmail.
I tried with evolution(-data-server) git master, basically 3.17.91 development release, and the DSA Elgamal PGP key generated by Seahorse works fine for signing in both evolution and Thunderbird 38.2.0 with Enigmail 1.8.2 extension. For some odd reason the Enigmail doesn't offer me the Seahorse-generated DSA key to be selected, thus it cannot decrypt a message with its key, but the signature says it's a Good signature. The messages had been received through IMAP in both application. Either I'd close this in favour of the upcoming 3.18.0, or try with (at least) my versions of the Thunderbird.
The problem seems to be fixed upstream, but there is an interoperability-problem with seahorse and Enigmail regarding DSA encryption/decryption. If so this does not really have anything to do with Evolution, but it's either Enigmail's or seahorses's fault or both. On my behalf I would prefer to leave the report open, because, it will take quite some time until Evolution 3.17.something or higher arrives in Debian-stable, except somebody ports the stretch-testing version of Evolution back to Jessie.
DSA, is an acronym for Digital-Signing-Algorithm, so the name says it already, it's for signing only, not for encrypting, you have to use ElGamal for that.
Thanks for the update. I noticed a little issue in seahorse, it didn't show me that DSA key, because I had another key for the same email address in gpg. When I deleted the older key the DSA key was shown. Maybe it's related, maybe not. I can keep this opened in the Need-Info state, which means it'll be closed after ~3 months, though the reason to "keep this open due to Debian distribution" doesn't feel right, because this is Evolution upstream, while Debian is just one distribution providing the Evolution for its users. More appropriate place would be Debian's bugzilla, from my point of view.
Thanks a lot for your reply, I am always keen about having online-conversations, because so many people seem to be wanting to do this mostly read-only. As mentioned before, DSA is for signing only. Honestly I don't mind if the report about this issue stays open in Bugzilla or not. Because the first reply I received about this referred to some alpha development version, it would probably make sense to keep the needinfo status. I have been referring to the Debian BTS, thats debbugs actually, not Bugzilla. The original report was posted there: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794231 > Package: debbugs > State: not installed > Version: 2.4.1.1 > Priority: optional > Section: misc > Maintainer: Debbugs developers <debian-debbugs@lists.debian.org> > Architecture: all > Uncompressed Size: 384 k > Depends: perl5 | perl, exim | mail-transport-agent, libmailtools-perl, ed, > libmime-perl, libio-stringy-perl Recommends: httpd, links | lynx > Description: The bug tracking system based on the active Debian BTS > Debian has a bug tracking system which files details of bugs reported by users and > developers. Each bug is given a number, and is kept on file until it is marked as > having been dealt with. The system is mainly controlled by e-mail, but the bug reports > can be viewed using the WWW. > This version is fully functional, but it does not automatically configure. > See /usr/share/doc/debbugs/README.Debian after installation. > > Note: there might be various issues with this package, caveat emptor. > > Tags: devel::bugtracker, suite::debian, works-with::bugs > Cheers !
Okay, then I'm keeping this in the NeedInfo state.
Closing this bug report as no further information has been provided. Please feel free to reopen this bug report if you can provide the information that was asked for in a previous comment. Thanks!