[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Challenge-response mail filters considered harmful

On Tue, Aug 05, 2003 at 09:50:34AM +0100, Colin Watson wrote:
> On Mon, Aug 04, 2003 at 09:18:05PM -0700, Steve Lamb wrote:
> > On Tue, 5 Aug 2003 01:50:26 +0100
> > Pigeon <jah.pigeon@ukonline.co.uk> wrote:
> > > I have a script that looks at the sigs in incoming mail as it's
> > > delivered, and automatically pulls from a keyserver any that I don't
> > > have. Very convenient.
> > 
> >     Why when two entries in your .gnupg/gpg.conf file will do it just fine?
> > 
> > keyserver x-hkp://pgp.mit.edu
> > keyserver-options auto-key-retrieve
> I can see why Pigeon's approach might be preferable. I found
> auto-key-retrieve annoying and turned it off because it slowed things
> down *while I was reading mail*, which I want to be fast. Doing that
> task as mail is retrieved is something I hadn't thought of and would be
> far smoother for me.

In my case it's because I'm on dialup, so I'm not actually online when
I'm reading mail. Getting the keys during retrieval is really the only
realistic option.

It may be a little pointless offering my slightly gross hack (it
triggers key retrieval by using the sig to "verify" /dev/null, because
I don't have to parse so much of the message that way) to a shell
guru, but you can have it if you want... :-)


Be kind to pigeons
Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F

Attachment: pgpdnqlXqFIKn.pgp
Description: PGP signature

Reply to: