improve warnings when importing a public key manually #1543
Description
When importing a public key received through email, currently, we compare the fingerprint of the new public key with fingerprint(s) we already have recorded internally, and based on that we say either import public key or replace public key or similar.
(in the below steps, recipient email is the primary uid of the received key)
We should update this as follows: before any of the below, refetch public keys from remote sources (PubLookup by email) and update the local storage if needed, similar to when writing to a new recipient. After that fetch and update is done, compare the received public key in question to our local storage that was updated from remote sources:
- if we already have public keys for this recipient, and at least one of them has the same primary fingerprint
- if the received key is newer (by lastModified date):
Updated version of a trusted Public Key, safe to import(green, show import button in green) - if the received key has same age:
You have already imported this Public Key(black, don't show import button) - if the received key is older:
You already imported a newer version of this Public Key(black, don't show import button)
- if the received key is newer (by lastModified date):
- if we don't have any public keys recorded for the recipient:
Manually importing Public Keys received over email can be dangerous. Contact the sender to verify that the fingerprint matches.(orange, show import button in orange) - if we already have public keys for this recipient and none of them match this public key:
DANGER! This Public Key is different than already imported Public Key, importing could be dangerous. Call or text the sender to confirm they sent this key, and carefully cross-check the fingerprint with them.(red, import button also red)