Re: GnuPG & mutt on Woody 3.0r2.
On Sun, Dec 21, 2003 at 10:08:44PM -0700, s. keeling wrote:
> My trouble right now is verifying keys. If I send myself mail, it's
> correctly compared to my local copy (in my keyring?) and gpg says it's
> good. Other mail coming in triggers a lookup at pgp.mit.edu for keys,
> leading to strange results:
> gpg: Signature made Sun Dec 21 17:14:28 2003 MST using DSA key ID 946886AE
> gpg: Good signature from "Trey Sizemore <firstname.lastname@example.org>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the owner.
> gpg: Fingerprint: 683F FFE2 AA2D D341 6002 A973 8443 F068 9468 86AE
You don't appear to have built a trust path between one of your
trusted keys to Trey Sizemore's key. If you're certain the key
946886AE really belongs to Trey Sizemore you can sign it locally
(gpg --edit-key 946886AE; and use the lsign command). *Your*
signature on the key will assure gnupg that you trust that key.
> gpg: Signature made Sun Dec 21 20:32:36 2003 MST using DSA key ID 16D0B8EF
> gpg: BAD signature from "Joey Hess (email key) <email@example.com>"
Sometimes broken MUAs or MTAs trigger this error. Browse the archive
of the gnupg-user mailing list (http://marc.theaimsgroup.com/?l=gnupg-users&r=1&w=2)
for possible causes and explanations.
> The commands driving gpg in mutt were clipped right out of /etc/Muttrc
> (Woody 3.0r2):
> set pgp_autosign=no
> set pgp_sign_as=AC94E4B7
Are you sure you want to specify this in the global configuration file?
> Ideas anyone? I feel like I'm within spitting distance of the goal
> line, and I'm not getting any closer no matter what I do.
It definitely takes some time to get used to the concept and
resolve technical problems, but once you're done you'll be fine
Am I a cleric? | 1024D/37B8D989
Or maybe a sinner? | 954B 998A E5F5 BA2A 3622
Unbeliever? | 82DD 54C2 843D 37B8 D989
Renegade? | http://sks.dnsalias.net