Page MenuHome GnuPG

KMail should process "Confirm your key publication" messages from WKS-Server
Open, NormalPublic

Description

During setup of an e-mail account or later from Kleopatra it is possible to send an e-mail to a WKS-server to publish a GPG-key. The server replies with an e-mail to confirm this request. This mail is just shown, but can not be processed/confirmed.
Kmail should process the MIME-type "confirmation-request" show an option to confirm or dismiss the e-mail.

Details

Version
22.08.1

Event Timeline

alexk triaged this task as Normal priority.Sep 19 2022, 11:18 AM
alexk created this task.
dvratil added subscribers: aheinecke, dvratil.

I have yet to test this, but just by looking at the code in kdepim-addons this seems to already be implemented since the beginning. When we were implementing this back in 2016, we were using some testing WKD server that @aheinecke operated (the presence of testuser10@test.gnug.org and key-submissions@test.gnupg.org keys in my Kleopatra is most likely from that time and instance).

Andre, is this infrastructure still running? Any chance I could get access to testuser10 again, so I can check what's really missing in this implementation?

dvratil moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Apr 18 2023, 12:07 PM

From https://phabricator.kde.org/D3140 the "Confirm your key registration" (see last screenshot) button seems to be what this is about, right?

@dvratil I think the message has changed a bit with recent versions of the WKS server. Or is this maybe in a plugin that might not be installed on some distributions? At least when alexk tried it it was not processed on a fairly recent ArchLinux but he had such issues like plugin for crypto settings in KAdressbook not installed etc. so it might just be that. I can test this again but its probably best if we get you a test mail address with a forward for gnupg.org (which has WKS)

I will re-test it with KDE neon.

It took a bit of time to set things up, but I was able to manually perform the WKS dance and open each email in KMail to check how it works.

This is how the registration confirmation email is rendered in KMail:

So that is unchanged since the work we did back in 2016 - there's nothing displayed from the original email, we instead detect it's a registration confirmation request and render the custom text and button via a KMail viewer plugin (similar to how e.g. invitations are handled).

Clicking "Register" generates the confirmation email and sends it via KMail, the confirmation email also has special rendering as shown below (IIRC we did a special rendering for the outgoing email, since user can find it in their Outbox or Sent folder, so they get a bit more context than just a key).

I have however noticed that the "Show key details" link in the response email doesn't work - it's supposed to open the key details in Kleopatra, but Kleopatra just shows "No fingerprint argument specified for --query" error dialog. I'll look into that.

PR that removes the "Show key details" link from the response email: https://invent.kde.org/pim/kdepim-addons/-/merge_requests/37