ALLOW USAGE OF GPG/PGP KEYS **WITHOUT** CERTS

RESOLVED INVALID

Status

Thunderbird
Preferences
--
major
RESOLVED INVALID
14 years ago
12 years ago

People

(Reporter: David McNab, Assigned: Scott MacGregor)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031024 Galeon/1.3.10 (Debian package 1.3.10-2)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031024 Galeon/1.3.10 (Debian package 1.3.10-2)

T'bird 0.4 is refusing to let me use my own GPG key for signing/decrypting, or
anyone else's key for encrypting/verifying.

If there was an option to turn off this 'compulsory certificates' thing, I'd
call it a feature. But IMO, the inability to use uncertified GPG keys at my
discretion is most definitely a bug.

T'bird 0.4 is otherwise nice - especially now that it has URL handling. But this
compulsory certificate thing is a deal-breaker for me, and has forced me to go
back to 0.3

Reproducible: Always

Steps to Reproduce:
1. Click Tools/Account Settings
2. On one of the existing accounts, click 'security'
3. Observe that t'bird does not allow you to use a GPG key - it instead demands
a certificate
Actual Results:  
T'bird fails to allow signing/encryption/decryption/verification

Expected Results:  
Thunderbird should support the 0.3 behaviour (with Enigmail), where you can use
uncertified GPG keys. Warning the user about dangers of uncertified keys (eg
MITM attack) is acceptable - IMO, refusing to use unsigned keys is not.

Comment 1

14 years ago
GPG should be PGP in summary.
Mozilla and Thunderbird do not do PGP. Enigmail does, but that is an extension. Please file extension bugs with the appropriate extension project. In this case, Enigmail, at http://enigmail.mozdev.org/

By the way, I also am an Enigmail user. Enigmail and Thunderbird (1.5) work fine for me.

Marking this as invalid.
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → INVALID
Summary: ALLOW USAGE OF GPG KEYS **WITHOUT** CERTS → ALLOW USAGE OF GPG/PGP KEYS **WITHOUT** CERTS
You need to log in before you can comment on or make changes to this bug.