<<< Date Index >>>     <<< Thread Index >>>

Re: gpg



On Tue, Mar 02, 2004 at 10:32:05AM +0000 or thereabouts, Stewart V. Wright 
wrote:
> G'day Stephen,
> 
> * Stephen Allen <kru_tch@xxxxxxxx> [040301 22:43]:
> 
> 
> > > 3) Have you used the pgp_sign_as variable in mutt?  For example I sign
> > >    with my 0x35DB7472 (sub)key so I have the following in my .muttrc
> > >  set pgp_sign_as="0x35DB7472!"
> > 
> > I'm using signing with a default key now. But it's not in the format you 
> > have above,
> > but more along the line of 'F8A48DF1'. Is that significant?
> 
> Not really.  (All of the comments should be prefaced with 'As I
> understand it...')  The pgp_sign_as passes the key information along
> to gpg.  Now the guys who write gpg (and at least one is on this list)
> are pretty smart so they know that some people are going to put the
> hex(?) part of their key down as 'F8A48DF1' whilst others want to
> force GPG to know that the text is hex and so put the '0x' in front.
> 
> I guess this will only really be a problem if you have a information
> on your key (for example an email address) which matches the
> fingerprint of another key.  So for example a (famous) key is
> 0xDEADBEEF, but some one might have DEADBEEF@xxxxxxxxxxx as their
> email address on another secret key.  What is the correct behaviour
> for GPG if you specify your pgp_sign_as to be 'DEADBEEF'?
> 
> The only other difference is the '!' at the end of my fingerprint.
> That is to tell gpg to use the 0x35DB7472 subkey, not which ever one it
> thinks it wants to use when signing.  If you do 
> 'gpg --list-keys B3334559' (see I've dropped the 0x for simplicity!)
> you will notice I have three subkeys, as opposed to the usual one...
> 
>   pub  1024D/B3334559 2003-05-14
>   sub  2048g/A11D9315 2003-05-14
>   sub  1024D/246383E6 2003-05-14
>   sub  1024D/35DB7472 2003-05-14
> 
> I want to force mutt to use the 35DB7472 key to sign emails, and the
> others for other purposes.
> 
> Confused yet???  ;-)

Nope, I'm hanging in. :)

> > What is the subkey, as opposed to the line above it when one issues the
> 
> I don't want to sound patronising, but this might be a bridge too far
> at the moment.  I would get your mutt working and then explore more
> about GPG.  A fantastic (IMHO) website is:
>    http://fortytwo.ch/gpg/subkeys/

Excellent. It's bookmarked, and no, you're not sounding patronising. I
appreciate the guidance.

> > Oh yeah, how do I get mutt to show my other keys, so I can sign
> > according to my send-hook? I can't seem to find anything that specifies
> > how one does this.
> 
> Good question.  Mutt will show you the keys of people you are sending
> to, but you need to know the key that you are going to use for signing
> yourself.  As a guess I would say that if you have multiple keys that
> you want to use for signing, try using aliases/send-hooks to change
> your pgp_sign_as.

Excellent, I now have it working in conjuction with my send hooks.

Thanks very much to you and the others whom helped on my issue.


-- 
S.Allen
------------------------------------
barnyard  Tuesday Mar 02 2004 09:20:01 EST
------------------------------------
Life is a sexually transmitted disease with 100% mortality.

Attachment: pgp4ud3lYhQou.pgp
Description: PGP signature