11

I'm having an issue with some of my clients being unable to open email attachments when I sign the messages. The error they get is something like (free translation):

Error: cannot open. The digital signature could not be validated.

Checking the sent message with gpg produces the following:

gpg: Good signature from "John Doe <john@doe.com>" 
gpg: WARNING: This key is not certified with a trusted signature! 
gpg: There is no indication that the signature belongs to the owner.

I would like to keep signing and eventually encrypt all communications leaving my office, but I need to solve the attachment issue.

  • How would I go about solving this? Is it a matter of the receiving end marking my signature as trusted? Is there a way to do this that doesn't involve an action from the receiver (key server?)?
Simon
  • 3,202
  • 4
  • 26
  • 38
margaritam
  • 111
  • 1
  • 3

2 Answers2

8

Whom to Trust?

The signature could be successfully verified, that means it was really signed with the private key as announced. This key claims it belongs to "John Doe ".

Yet, your GnuPG setup does not trust in this key. Everybody could create a key for John Doe; all you know is somebody that created a key with user ID John Doe sent you this message.

Verifying Key Ownership

To be sure about whether the sender of this message is really who he claims to be (John Doe), you should get knowledge of his key id (better complete fingerprint) on another, trustfully way (it must not necessarily be secure, as only public information, namely his public key id, is transferred). After that, download and sign his key:

gpg --recv-keys 0x12345678
gpg --sign 0x12345678

All keys you signed (and thus their signatures) will be verified in future.

The Web of Trust

You can also make use of the web of trust. By putting trust on a key, signatures given by that key's owner will also be considered when verifying a key's validity. Have a look at this answer which explains trust, valid keys and the web of trust more in detail: What is the exact meaning of this gpg output regarding trust?

Jens Erat
  • 23,816
  • 12
  • 75
  • 96
  • Thank you, Jens, your explication was very clear. Unfortunately, if I understand it right, this seems to mean that until I can get a significant amount of people to mark my key as trusted, clients will keep having issues opening signed attachments, since they aren't tech savvy and their client automatically blocks it. Am I getting this wrong? Is there any other way to certify that the key belongs to John Doe such as paying some certificate authority? – margaritam Nov 16 '13 at 15:07
  • Are you John Doe? A rather important OpenPGP certificate authority is [CAcert](http://www.cacert.org) (although they originally offer X.509 certificates). Still, your clients would need to put trust on CAcert's OpenPGP key (so its signatures are considered when calcualting validity). If you "just want your signature being valid", you'd need to go with X.509 / S/MIME which has some trust-presets (in a bunch of certificate authorities which you can pay for identity validation and issuing a certificate). – Jens Erat Nov 16 '13 at 15:42
  • @margaritam can you elaborate on which "client" automatically blocks attachments signed by unknown key, but doesn't block attachments without signatures? sounds like very weird case. unknown signature is not any worse than no signature at all – JimiDini Dec 05 '13 at 20:24
  • Why does this message also show up when you told GPG(2) that you trust the key, though? Why does it need to be signed with my own key? Can't GPG take that I trust the key from me tellin it that I do? – UTF-8 Dec 12 '16 at 20:10
  • _How_ did you trust the key? Only ultimately trusted keys will be considered for signature verification without an incoming trust path. Consider reading [What is the exact meaning of this gpg output regarding trust?](http://security.stackexchange.com/q/41208/19837) for more details on trust in OpenPGP. – Jens Erat Dec 13 '16 at 08:25
2

To open the message, there has to be some way to tell GPG that the message comes from someone you trust. Simply having a person's public key is not enough: the other party can use the public key to verify files if a separate signature file is provided by you, but GPG will refuse to decrypt files that do not have a matching public key signed by either you, or someone you trust.

So there you have it: tell your clients to sign your public key, and to set the trust of your public key to full or ultimate. Note though, please tell them to do this after they verify the validity of their copy of your public key, either through a phone call where you tell them your public key's signature hash or in person. After all, the trust levels are called "full" and "ultimate" for a reason.

Nasrus
  • 1,250
  • 12
  • 13
  • Thank you, this makes sense. I was looking for some other option that doesn't impose on my clients though, but I guess it just isn't there. I understand the reasoning, but I was signing most of my outgoing messages, and this way it doesn't make that much sense anymore. It may be worth it for encrypting certain very sensitive messages, but not for everyday communication. – margaritam Nov 16 '13 at 15:12