Open Bug 1663234 Opened 5 years ago Updated 2 years ago

Improve error message when importing a key with no user ID from key servers

Categories

(MailNews Core :: Security: OpenPGP, defect, P2)

Product:
MailNews Core
Component:
Security: OpenPGP
Type:
defect

Tracking

(Not tracked)

People

(Reporter: u617804, Unassigned)

References

Details

Attachments

(1 file)

bildschirmfoto.png
12.17 KB, image/png
Details
Attached image bildschirmfoto.png

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0

Steps to reproduce:

TB 78.2.1

Actual results:

Message appears with text "Import {$name} (35C212A69B4E3095)?" (see screenshot)

Expected results:

There should not be used {$name} in the message, as I guess this is no content from the key.

When downloading the key from https://keys.openpgp.org/search?q=35C212A69B4E3095
I cannot import it with GPA, it seems to be a somehow special key, gpg --show-keys does not show a key UID (mail address).

But both keys from key server and mailing list have the same long key ID
C6052B790A4E93583CF3671D35C212A69B4E3095

Wondering, how there can be a key without UID mail address on the verifying key server, I thought the keys on keys.openpgp.org are verified by the UID email address via email?

OK I have read https://keys.openpgp.org/about , so it looks like the key was published without the personal identifying data, which is a concept of the key server.

So maybe the message should then be for non-identifying keys, which are currently not in the TB key store:
"This key cannot be imported because it does not contain a user id (email address)"

See Also: → 1633605
Severity: -- → S4
Priority: -- → P2
Status: UNCONFIRMED → NEW
Ever confirmed: true

Something changed in 94.0a1. Now I'm getting "We could not find any key matching the specified criteria".

It's a slightly better error message but, yes, we should improve it to "The key could not be imported because it does not contain a user ID."

Summary: Buggy message when importing key lacking mail address from keyserver → Improve error message when importing a key with no user ID from key servers

bug 1734994 describes another failure at importing key without user ID (0xB3464F896AA15948) but slightly different symptoms: the "Import key" dialog is displayed but then "No keys imported". I would treat both bugs as a single one and with low priority.

(In reply to nf from comment #3)

we should improve it to "The key could not be imported because it does not contain a user ID."

I would suggest "The key was found on keyserver <keyserver>, but it cannot be imported because
it does not contain a user ID."
or
the user ID <user id> of the key is not exactly the email address <expected email address>"

Agreed, related to Bug 1735355.

See Also: → 1735355

(In reply to nf from comment #4)

bug 1734994 describes another failure at importing key without user ID (0xB3464F896AA15948) but slightly different symptoms: the "Import key" dialog is displayed but then "No keys imported". I would treat both bugs as a single one and with low priority.

As I just saw, bug 1734994 is not only about keys without user ID, but also about keys where user ID does not match sender's mail address. I added an according comment there, see https://bugzilla.mozilla.org/show_bug.cgi?id=1734994#c7

With TB 115.0, the key is no longer found:

  • open TB OpenPGP key manager -> Key Server -> Discover Keys online and enter 35C212A69B4E3095
    -> "No key found which matches the search criteria"
    It would be good if TB would tell which key server(s) was queried. Is it not keys.openpgp.org anymore?

Here the key is found:
https://keys.openpgp.org/search?q=35C212A69B4E3095

35C212A69B4E3095 isn't found with 102 either. AFACT, Like described above, the issue here is that since the key doesn't contain a user id it's not imported, and the message is confusing around that.

The servers used are in `mail.openpgp.keyserver_list'

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: