OpenPGP signature verification in Nautilus (#6608) · Issues · tails / tails

OpenPGP signature verification in Nautilus

Originally created by @intrigeri on #6608 (Redmine)

In seahorse-nautilus 3.8:

No menu entry to check a signature (either selecting only the detached signature or both the original file and the detached signature)
There is signature checking in seahorse-tool.
The notification is far from ideal (doens’t show keyid nor fingerprint and disappears quickly).
https://bugs.launchpad.net/ubuntu/+source/seahorse-nautilus/+bug/995623

Fixed upstream:

shared-mime-info
- https://bugs.freedesktop.org/show_bug.cgi?id=65679 (commit 2c3438c): Add missing globs and tests for OpenPGP files; fixed in s-m-i 1.2 (in Jessie)
- https://bugs.freedesktop.org/show_bug.cgi?id=70539: Fixes the issue with .asc files for inline signatures: do not propose to verify the signature, since Seahorse doesn’t know how to do that. Merged upstream in December, 2013. Fixed in s-m-i 1.3: https://bugs.debian.org/743942
seahorse-nautilus
- warn when signatures are valid but untrusted: will be fixed in the release after 3.10.1 (not a blocker for Tails 1.1)

Feature Branch: feature/6608-OpenPGP-signature-verification-in-Nautilus

Parent Task: #5516 (closed)

Subtasks

#7039 (closed)

Related issues

Related to #7079 (closed)

_Originally created by @intrigeri on [#6608 (Redmine)](https://public-redmine-archive.tails.boum.org/code/issues/6608)_

In seahorse-nautilus 3.8:

- No menu entry to check a signature (either selecting only the
    detached signature or both the original file and the detached
    signature)
  - There is signature checking in seahorse-tool.
  - The notification is far from ideal (doens’t show keyid nor
    fingerprint and disappears
    quickly).
  - <https://bugs.launchpad.net/ubuntu/+source/seahorse-nautilus/+bug/995623>

Fixed upstream:

- shared-mime-info
      - <https://bugs.freedesktop.org/show_bug.cgi?id=65679> (commit
        2c3438c): Add missing globs and tests for OpenPGP files; fixed
        in s-m-i 1.2 (in Jessie)
      - <https://bugs.freedesktop.org/show_bug.cgi?id=70539>: Fixes the
        issue with .asc files for inline signatures: do not propose to
        verify the signature, since Seahorse doesn’t know how to do
        that. Merged upstream in December, 2013. Fixed in s-m-i 1.3:
        <https://bugs.debian.org/743942>
  - seahorse-nautilus
      - [warn when signatures are valid but
        untrusted](https://bugzilla.gnome.org/show_bug.cgi?id=708640):
        will be fixed in the release after 3.10.1 (not a blocker for
        Tails 1.1)

Feature Branch: feature/6608-OpenPGP-signature-verification-in-Nautilus

Parent Task: tails/tails#5516

### Subtasks

- [x] tails/tails#7039

### Related issues

- **Related to** tails/tails#7079

Edited May 15, 2020 by intrigeri

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information