FS#33792 - [evolution] PGP signing of emails stores password for subsequent emails

Attached to Project: Arch Linux
Opened by Mark E. Lee (bluerider) - Sunday, 10 February 2013, 03:00 GMT
Last edited by Jan de Groot (JGC) - Friday, 20 February 2015, 12:53 GMT
Task Type Bug Report
Category Upstream Bugs
Status Closed
Assigned To Jan de Groot (JGC)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Evolution keeps PGP key signing for subsequent emails after I cancel signing the first email.

Additional info:
evolution 3.6.3-1
evolution 3.6.3-1

Set Evolution to always sign outgoing messages via Evolution Preferences

Steps to reproduce:
Cancel sending an email after entering the password to sign an email with a PGP key. Subsequent emails can be signed without entering in a password (and they are valid, I checked by emailing myself).
This task depends upon

Closed by  Jan de Groot (JGC)
Friday, 20 February 2015, 12:53 GMT
Reason for closing:  Won't fix
Additional comments about closing:  See last comment
Comment by Jelle van der Waa (jelly) - Sunday, 10 February 2013, 10:55 GMT
Could you fill this bug upstream
Comment by Mark E. Lee (bluerider) - Sunday, 10 February 2013, 15:34 GMT
I filed the bug upstream: as per the report, I find this includes successfully sending emails as well. I have recompiled evolution (from ABS) and found the problem persists. I opt out of leaving the key open for future messages, but it seems this request is not respected by Evolution's PGP signing system.

Upstream Bug Filed : <https://bugzilla.gnome.org/show_bug.cgi?id=693527>
Comment by Mark E. Lee (bluerider) - Thursday, 28 February 2013, 18:34 GMT
Seems like the error can be mitigated by letting evolution handle its own PGP keys. It was recommended upstream to disable gnome-keyring to let evolution handle its own PGP keys (and hence prompt every time the user wants to sign an email).

While this solution works, one has to disable gnome-keyring from starting up with the user session.
Comment by Jan de Groot (JGC) - Tuesday, 18 November 2014, 08:48 GMT
Should be fixed now that GPG is incompatible with gnome-keyring...
Comment by Mark E. Lee (bluerider) - Friday, 21 November 2014, 16:44 GMT
I don't use evolution anymore due to this issue and the lack of a resolution. I'd close this bug unless someone else has any complaints about the software.
Comment by Jan de Groot (JGC) - Friday, 20 February 2015, 12:52 GMT
This is a design choice. GPG keys are stored in gnome-keyring and once you authorize an application to use a key, it will be remembered for the session or permanently depending on settings.

Since GnuPG 2.1 the agent in gnome-keyring is no longer compatible, so gnome-keyring will not ask for your passphrase anymore. Instead of that standard gnupg tools will be used.