Re: retrieving gpg-keys
* Stewart V. Wright schrieb am 2004-11-07 um 19:16 Uhr:
> * Jens Kubieziel <mutt-user@xxxxxxxxxxxx> [041107 10:10]:
> > I use random.sks.keyserver.penguin.de or subkeys.pgp.net as keyserver
> > and auto-key-retrieve is set. However it doesn't seem to work.
>
> Big hint here... RTFM for GnuPG. auto-key-retrieve is described as:
> This option enables the automatic retrieving of
> keys from a keyserver when verifying signatures
> made by keys that are not on the local keyring.
Argl, I read over the "verifying signatures"-part.
> Spoiler: What you are asking for is NOT built in to mutt. You might be
> able to hack something together, but do you really want to?
Yes, under some circumstances.
> To get someone's (Open-)PGP key, you need to know somewhere to get it
> from. You seem to trust a couple of web sites so either use their web
Keyserver, the others website and so on.
> Doing this sort of preemptive key retrieval is bad on sooooo many levels.
> Firstly there is the network overhead. How many people actually use
> Open-PGP? Not many. So you will be thrashing the network every time you
> want to email a person who doesn't have a key (if you don't care about
Maybe I didn't made myself clear. I don't want to query a keyserver for
each mail I write. It should only happen when I want to write an
encrypted mail *and* don't have the others key in my keyring.
> The second major problem is the security aspect. Having a key listed on
> one of the key servers means NOTHING. There is no guarantee that a key
> that is listed as belonging to yourfriend@xxxxxxxxxxxx has anything to do
> with that person. The security in Open-PGP comes from the Web of Trust -
ACK. But assume I want to write a mail to RMS. He is actually not in my
keyring, but when calculating the path to him
(<URL:http://webware.lysator.liu.se/jc/wotsap/?top=0x135EA668&bottom=0xEE0977E8>)
I can be sure that 0x135EA668 is the right key. However in that (and
case normally only then) I want to fetch the key from mutt.
Thanks for your hints. Maybe I will write something that solves that
problem.
--
Jens Kubieziel http://www.kubieziel.de
FdI#256: Lösung
So etwas ähnliches wie ein Produkt, nur etwas teurer und nicht
so ausgereift. (Dietz Proepper)