Issue 54366

Summary: Add support for GPG/PGP signatures
Product: General Reporter: n7dr <doc.evans>
Component: codeAssignee: AOO issues mailing list <issues>
Status: REOPENED --- QA Contact:
Severity: Trivial    
Priority: P3 CC: faelconkiratara, issues, orcmid
Version: 3.3.0 or older (OOo)   
Target Milestone: ---   
Hardware: PC   
OS: All   
Issue Type: ENHANCEMENT Latest Confirmation in: ---
Developer Difficulty: ---

Description n7dr 2005-09-08 15:52:42 UTC 
It appears that GPG/PGP keys cannot be used to sign documents.

I have never received an e-mail that contains a certificate-based signature, but
I receive many GPG-signed e-mails per day; similarly GPG is the basis for jabber
security. So it seems only reasonable to use my GPG private key for signing OOo
documents.
Comment 1 eric.savary 2005-09-13 12:20:43 UTC 
Reassigned
Comment 2 hermann1871 2007-05-06 14:20:08 UTC 
*** Issue 54366 has been confirmed by votes. ***
Comment 3 juran 2007-10-15 09:46:30 UTC 
Isn't this a duplicate of bug 4401?
Comment 4 caolanm 2008-02-19 14:43:24 UTC 
.

*** This issue has been marked as a duplicate of 4401 ***
Comment 5 n7dr 2008-02-20 10:20:14 UTC 
Why is this being marked as a dupe?

This issue is explicitly about signing documents. Issue 4401 is explicitly about
encrypting documents (via the Save As dialogue). Not at all the same thing.
Comment 6 orcmid 2014-07-06 17:05:42 UTC 
It is correct this issue should not be combined with encryption.  In ODF and Apache OpenOffice, encryption is password-based and there is no provision for Public Key Cryptography to be used at all.

For signing, there is provision for PKC, as in the current support for X.509.  So this will be a separate issue for an indefinite time.  In this case, accommodation of PGP signing will depend on two provisions: Including OpenPGP information in the XML Digital Signature used in the ODF Format and relying on the PGP libraries that are already installed on an user's computer so that the signatures can be produced and so they can be verified.