Re: mutt, gpg and automated key retrival

To: Andreas Schuldei <andreas@schuldei.org>
Cc: debian-devel@lists.debian.org
Subject: Re: mutt, gpg and automated key retrival
From: Peter Palfrader <ppalfrad@cosy.sbg.ac.at>
Date: Sun, 24 Sep 2000 20:50:03 +0200
Message-id: <[🔎] 20000924205003.H7110@nautilus.noreply.org>
Mail-followup-to: Andreas Schuldei <andreas@schuldei.org>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 20000924202600.A32051@sigrid.schuldei.com>; from andreas@schuldei.org on Sun, Sep 24, 2000 at 20:26:00 +0200
References: <[🔎] 20000924005758.A31086@sigrid.schuldei.com> <[🔎] 20000924010905.B23638@nautilus.noreply.org> <[🔎] 20000924202600.A32051@sigrid.schuldei.com>

Hi Andreas!

On Sun, 24 Sep 2000, Andreas Schuldei wrote:

> * Peter Palfrader (ppalfrad@cosy.sbg.ac.at) [000924 01:21]:
> > > What I would like to see for some time now is that mutt finds the key of the
> > > author of signed mails on my favorit keyserver (if it is not there locally
> > > already) and checks the mails signature.
> > > 
> > > but right now this feature is disabled. the mutt command in charge of that is
> > > set to an empty string:
> > > set pgp_getkeys_command=""
> > 
> > The mutt command is not needed. Set keyserver in your ~/.gnupg/options file.
> > GPG will then try to fetch the key if it is needed.
> 
> I have gpg set up this way. Would it download the key of said 'Martin Macok'
> if I opened a signed mail from him? It does not for me.
> 
> .gnupg options contains (comments deleted)
> force-v3-sigs
> escape-from-lines
> lock-once
> keyserver wwwkeys.pgp.net 
> honor-http-proxy

Looks ok. Does mutt even try to verify the mail?
set pgp_verify_sig=yes


> > > But even if I try to receive a key manually using gpg on the command line
> > > fails: 
> > > gpg --keyserver wwwkeys.de.pgp.net -recv-key "Martin Macok <martin.macok@underground.cz>"
> > > gpg: can't open `Martin Macok <martin.macok@underground.cz>'
> > 
> > Use the keyid, like gpg --keyserver ... --recv-key 01234567
> 
> How would mutt, gpg or I know what keyid he had? the signature is just
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.2 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE5sA7W9uSLtLrzBfMRAk7aAKCoKZ41nbCrUREl19dHMFita56phwCeMBhR
> eEJkT/+QIKpVs9GBPISMlcA=
> =S2yZ
> -----END PGP SIGNATURE-----
> 
> where is the keyid?

In the signature. Just try it.

weasel@marvin:~$ cat > i 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE5sA7W9uSLtLrzBfMRAk7aAKCoKZ41nbCrUREl19dHMFita56phwCeMBhR
eEJkT/+QIKpVs9GBPISMlcA=
=S2yZ
-----END PGP SIGNATURE-----
weasel@marvin:~$ gpg --verbose i
gpg: armor header: Version: GnuPG v1.0.2 (GNU/Linux)
gpg: armor header: Comment: For info see http://www.gnupg.org
Detached signature.
Please enter name of data file: /dev/null
gpg: Signature made Fri Sep  1 22:17:26 2000 CEST using DSA key ID BAF305F3
gpg: requesting key BAF305F3 from blackhole.pca.dfn.de ...
gpg: armor header: Version: 5.0
gpg: armor header: Comment: PGP Key Server 0.9.4
gpg: pub  1024D/BAF305F3 2000-01-24   Martin Macok <martin.macok@underground.cz>
gpg: key BAF305F3: public key imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: BAD signature from "Martin Macok <martin.macok@underground.cz>"
weasel@marvin:~$ 

-- 
Peter

Reply to:

References:
- mutt, gpg and automated key retrival
  - From: Andreas Schuldei <andreas@schuldei.org>
- Re: mutt, gpg and automated key retrival
  - From: Peter Palfrader <ppalfrad@cosy.sbg.ac.at>
- Re: mutt, gpg and automated key retrival
  - From: Andreas Schuldei <andreas@schuldei.org>

Prev by Date: Re: Debian in Yugoslavia
Next by Date: Re: HOWTO: Join the 6bone!
Previous by thread: Re: mutt, gpg and automated key retrival
Next by thread: Re: mutt, gpg and automated key retrival
Index(es):
- Date
- Thread