Author: anonym Date: To: The Tails public development discussion list Subject: Re: [Tails-dev] [review'n'merge:1.1]
feature/6608-OpenPGP-signature-verification-in-Nautilus
13/04/14 12:54, intrigeri wrote: > Hi,
>
> feature/6608-OpenPGP-signature-verification-in-Nautilus completes the
> steps to have seahorse-nautilus fully replace seahorse-plugins
> in Wheezy. It therefore will solve #6608, #5516 and #7039.
>
> Please review'n'merge in devel for Tails 1.1.
I tested it, and with the new shared-mime-info nautilus can verify .sig
files generated with `--detach-sign` without issue. Public key and
symmetrically encrypted files (both .gpg) also decrypt successfully.
However, it gets confused with gpg's default file extensions for other
types of signatures:
* `--clearsign` creates a .asc file which nautilus associates with
"Import Key" which fails with "Import Failed: Keys were found but not
imported".
* `--sign` creates a .gpg file which nautilus associates with "Decrypt
File" which fails with "Coudln't decrypt file: <file>: No data".
Renaming them to .sig throws the error "Couldn't verify file: <file>: No
valid signatures found".
Lastly, it cannot import keys exported without `--armor`; a dialog
titled "Importing" is shown, with a progress bar that never advances. At
least it can be closed with the "Cancel" button.
Given how shoddy all this is, I'm not sure I want to merge this branch.
What do you think?