choose id carefully when rendering signature by multi-uid key

[tomholub]

user feedback:

Multi-ID cert behavior
Instead of making and managing multiple individual certs, I made one with all contacts user ids. Works fine, except the recipient gets a note saying "signed by [the first ID in the key]". Would be nice if, with multi-ID keys, you would sign outbound messages with the corresponding sender address, provided that's one of the IDs within the key...

Seems like something we could improve.

[shawn-dubs]

Hi. I'm the submitting user. For context, here's a screenshot where you can see the sending address and the signing address. Hopefully you can see how this would be an issue for someone trying to validate my identity.

[tomholub]

Ah - I misunderstood the original issue. The part that's mismatched is the public key on the bottom.

I see how it would be less confusing if we used the same email. However, the current mechanism to show the primary uid is also not without merit. What do other email clients do?

The big question - I think - is, if this is the first time you wrote that person and they click "IMPORT KEY", does that then allow them to verify the message successfully when they reload the page? Or does it say "unknown signer"?

[rrrooommmaaa]

Please note: "signed by" will always show sender's address (without any influence from UIDs in the signing key) when PR #4144 is merged. Is this expected, @tomholub ?

[tomholub]

@rrrooommmaaa yes, that's exactly what I want. What I want to know is "was this email signed by key that I declared as belonging to this sending email address"?

[tomholub]

Resolved, but differently: we no longer render the uid of the signature. Instead, we check that the message was signed by one of the keys that is trusted for the particular sender email of the message (from: header). If yes, then singature is valid, if not, then not valid.

[tomholub]

@shawnwright this will be in 8.2.1 released sometime over the holidays. Once it's out, please have a look if you see this as an improvement.

[shawn-dubs]

Definitely an improved experience using multi-address certs. Thanks!

…

On Thu, Dec 23, 2021 at 5:10 PM Tom J ***@***.***> wrote: @shawnwright <https://github.com/shawnwright> this will be in 8.2.1 released sometime over the holidays. Once it's out, please have a look if you see this as an improvement. — Reply to this email directly, view it on GitHub <#3894 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAA4NWU3VTELCTO7UCZ3CT3USOT5XANCNFSM5BZ4LPEQ> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>. You are receiving this because you were mentioned.Message ID: ***@***.***>

--