Hi,
anonym wrote (25 Apr 2014 14:04:44 GMT) :
> I tested it, and with the new shared-mime-info nautilus can verify
> .sig files generated with `--detach-sign` without issue. Public key
> and symmetrically encrypted files (both .gpg) also
> decrypt successfully.
Great, these were the major regressions in Wheezy that we wanted to
address in time for 1.1, thanks to seahorse-nautilus +
shared-mime-info.
> However, it gets confused with gpg's default file extensions for other
> types of signatures:
> * `--clearsign` creates a .asc file which nautilus associates with
> "Import Key" which fails with "Import Failed: Keys were found but not
> imported".
> * `--sign` creates a .gpg file which nautilus associates with "Decrypt
> File" which fails with "Coudln't decrypt file: <file>: No data".
> Renaming them to .sig throws the error "Couldn't verify file: <file>: No
> valid signatures found".
> Lastly, it cannot import keys exported without `--armor`; a dialog
> titled "Importing" is shown, with a progress bar that never advances. At
> least it can be closed with the "Cancel" button.
> Given how shoddy all this is, I'm not sure I want to merge this branch.
> What do you think?
I'll test every failure mode you've identified in Tails/Squeeze, and
I'll re-test with shared-mime-info 1.3 too, as it might fix some of
these problems.
I'll call every regression a potential blocker for 1.1, and I'll call
every non-regression a bug that can be addressed later, and will file
tickets + Debian/upstream bugs about it.
Thanks for these thorough tests! Don't hesitate filing a ticket in our
bug tracker to add automatic tests for this all ;)
Cheers!
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc