Issue 54366 - Add support for GPG/PGP signatures
Summary: Add support for GPG/PGP signatures
Alias: None
Product: General
Classification: Code
Component: code (show other issues)
Version: 3.3.0 or older (OOo)
Hardware: PC All
: P3 Trivial with 8 votes (vote)
Target Milestone: ---
Assignee: AOO issues mailing list
QA Contact:
Depends on:
Reported: 2005-09-08 15:52 UTC by n7dr
Modified: 2014-07-06 17:19 UTC (History)
3 users (show)

See Also:
Latest Confirmation in: ---
Developer Difficulty: ---


Note You need to log in before you can comment on or make changes to this issue.
Description n7dr 2005-09-08 15:52:42 UTC
It appears that GPG/PGP keys cannot be used to sign documents.

I have never received an e-mail that contains a certificate-based signature, but
I receive many GPG-signed e-mails per day; similarly GPG is the basis for jabber
security. So it seems only reasonable to use my GPG private key for signing OOo
Comment 1 eric.savary 2005-09-13 12:20:43 UTC
Comment 2 hermann1871 2007-05-06 14:20:08 UTC
*** Issue 54366 has been confirmed by votes. ***
Comment 3 juran 2007-10-15 09:46:30 UTC
Isn't this a duplicate of bug 4401?
Comment 4 caolanm 2008-02-19 14:43:24 UTC

*** This issue has been marked as a duplicate of 4401 ***
Comment 5 n7dr 2008-02-20 10:20:14 UTC
Why is this being marked as a dupe?

This issue is explicitly about signing documents. Issue 4401 is explicitly about
encrypting documents (via the Save As dialogue). Not at all the same thing.

Comment 6 orcmid 2014-07-06 17:05:42 UTC
It is correct this issue should not be combined with encryption.  In ODF and Apache OpenOffice, encryption is password-based and there is no provision for Public Key Cryptography to be used at all.

For signing, there is provision for PKC, as in the current support for X.509.  So this will be a separate issue for an indefinite time.  In this case, accommodation of PGP signing will depend on two provisions: Including OpenPGP information in the XML Digital Signature used in the ODF Format and relying on the PGP libraries that are already installed on an user's computer so that the signatures can be produced and so they can be verified.