Notmuch Emacs has quite limited status reporting of PGP signature
verification. I'm sure this is nothing new to you but perhaps I found
one more suboptimal case.

When verifying a signature made by an expired key (like this message:
id:87pnfjgnku.fsf@fifthhorseman.net) we get red status line: "Unknown
key [...] or unsupported algorithm". The key is not unknown to me; it is
in my keyring. The signature is good but the signing subkey is just
expired.

In a better world we would probably have more information in the status
line: (1) good or bad signature and (2) key's validity: full, marginal,
expired key, tofu conflict, never...

-- 
///  OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450
//  https://keys.openpgp.org/search?q=tlikonen@iki.fi
/  https://keybase.io/tlikonen  https://github.com/tlikonen