G'day Jens, * Jens Kubieziel <mutt-user@xxxxxxxxxxxx> [041107 10:10]: > > Go to for ex. pgp.mit.edu or add this line to your ~/.gnupg/options file > > keyserver pgp.mit.edu > > I use random.sks.keyserver.penguin.de or subkeys.pgp.net as keyserver > and auto-key-retrieve is set. However it doesn't seem to work. Big hint here... RTFM for GnuPG. auto-key-retrieve is described as: This option enables the automatic retrieving of keys from a keyserver when verifying signatures made by keys that are not on the local keyring. Spoiler: What you are asking for is NOT built in to mutt. You might be able to hack something together, but do you really want to? To get someone's (Open-)PGP key, you need to know somewhere to get it from. You seem to trust a couple of web sites so either use their web interfaces or read the GnuPG man page to see if there is an a way to do it from the command line. Of course the other option is to mail the person who you want to converse with and as for the key to be sent to you. Doing this sort of preemptive key retrieval is bad on sooooo many levels. Firstly there is the network overhead. How many people actually use Open-PGP? Not many. So you will be thrashing the network every time you want to email a person who doesn't have a key (if you don't care about your network, think about the nice souls who have put up the key servers). The second major problem is the security aspect. Having a key listed on one of the key servers means NOTHING. There is no guarantee that a key that is listed as belonging to yourfriend@xxxxxxxxxxxx has anything to do with that person. The security in Open-PGP comes from the Web of Trust - and then the source of the key becomes irrelevant. That is why I said mail the person for their key. If they (and you) are in the WoT then you can get their key directly and even then an attempted attack will fail (gross generalisation but true at some level). Sorry for not helping with your problem, but hopefully you understand why it is a somewhat bad idea. Cheers, S.
Attachment:
signature.asc
Description: Digital signature