Is it possible to sign a PDF with an OpenPGP key generated by Thunderbird ? (programming.dev)

submitted 4 months ago by Rick_C137@programming.dev to c/linux@lemmy.ml

10 comments fedilink hide all child comments

Hi everyone,

I was wondering if you know a way to use the generated OpenPGP key created trough Thunderbird to sign PDF's ?

(Devuan distro)

Thanks.

all 11 comments

sorted by: hot top controversial new old

[-] Pantherina@feddit.de 13 points 4 months ago

That would be a perfect place for a Thunderbird addon. Add as attachment, sign with pgp key, send

[-] umami_wasbi@lemmy.ml 6 points 4 months ago

Isn't that already done when sending a signed email? Or other types of sent that I'm not aware?

[-] Pantherina@feddit.de 3 points 4 months ago

I have no idea, is the attachment encrypted and signed? I suppose?

But this would allow signing only, which is also important if you trust the server.

[-] delirious_owl@discuss.online 2 points 4 months ago

Yes, attachments and subject lines are encrypted in the latest version of Thunderbird

[-] Pantherina@feddit.de 1 points 4 months ago

Nice!

[-] kevincox@lemmy.ml 8 points 4 months ago

Do you mean using PDF's built-in signature mechanisms? I don't think so.

If you want to do regular PGP file signing you can export the key from Thunderbird and do whatever you want with it.

[-] umami_wasbi@lemmy.ml 8 points 4 months ago* (last edited 4 months ago)

You can. I'm not particularly familar with Thunderbird, but you can export your key to system/user keyring then you can sign any data you want using GPG. However, I doubt tool exists for you to embed the signature to a PDF like x.509 signing would.

https://superuser.com/questions/653231/embed-a-gpg-signature-in-a-pdf-file#1361205

[-] Rick_C137@programming.dev 3 points 4 months ago* (last edited 4 months ago)

Thank you all for your quick reactions !!

To summarize if I want to use the PDF built-in signing I will need to convert my OpenPGP into a X.509 cert otherwise I can simply use the OpenPGP file signing

I want to stick to the UNIX Philosophy especially:

Write programs that do one thing and do it well.

So I will use the OpenPGP signing tool :)

Thanks !

[-] delirious_owl@discuss.online 1 points 4 months ago

Please edit the OP instead of making a comment

[-] Laser@feddit.de 1 points 4 months ago

OpenPGP is kind of like the opposite of that - it does a lot of things, and none of them particularly well. To quote:

PGP does a mediocre job of signing things, a relatively poor job of encrypting them with passwords, and a pretty bad job of encrypting them with public keys. PGP is not an especially good way to securely transfer a file. It’s a clunky way to sign packages. It’s not great at protecting backups. It’s a downright dangerous way to converse in secure messages.

minisign is more in the UNIX spirit.

this post was submitted on 23 Feb 2024

32 points (97.1% liked)

Linux

45457 readers

1393 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz