[Gpg4win-users-en] gpg4win and MS Outlook
Andre Heinecke
aheinecke at gnupg.org
Mon Feb 15 08:20:45 CET 2021
Hi,
On Sunday 14 February 2021 15:35:02 CET Gerard Seibert wrote:
> I am using MS Outlook 365 (16.013628.20318) with gpg4win. For some reason,
it is failing to verify signed messages properly.
>
> This is an example of the error message:
>
> The sender address is not trustworthy because:
> The used key does not claim the address:
> gnupg-users-bounces at gnupg.org
>
> I am not sure how to fix this or if that is the correct behavior.
I think this is the correct behavior. When we verify a signature we compare
the used key to the senders address shown in Outlook. That way we only show
"green" if match. Otherwise I could send you a signed message signed with my
key and put as sender "president at whitehouse.gov" and it would show as valid.
In your case it seems to be a mailing list, so there could be an improvement
here that we check for the original sender or something like that. Could you
forward me a message with which this occurs please? I'll take a look if there
is something we can do.
mmh, maybe even this message would suffice as I'm signing it and sending it over
a mailing list.
Best Regards,
Andre
--
GnuPG.com - a brand of g10 Code, the GnuPG experts.
g10 Code GmbH, Erkrath/Germany, AG Wuppertal HRB14459
GF Werner Koch, USt-Id DE215605608, www.g10code.com.
GnuPG e.V., Rochusstr. 44, D-40479 Düsseldorf. VR 11482 Düsseldorf
Vorstand: W.Koch, B.Reiter, A.Heinecke Mail: board at gnupg.org
Finanzamt D-Altstadt, St-Nr: 103/5923/1779. Tel: +49-211-28010702
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 273 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20210215/ecb256b3/attachment.sig>
More information about the Gpg4win-users-en
mailing list