<<< Date Index >>>     <<< Thread Index >>>

Re: Do you auto fetch GPG keys?



Thank you for kindly reply.
I set crypt_verify_sig=yes, and follow your advice. However I
still can not verify the encrypted signature. 
It said can not find public key.

I never used pgp before, or maybe I have used unconciously. I read
some gnupg's doc online and then am totally confused.

I think perhaps I did not configure my gnupg correctly. In my
.gnupg/gpg.conf, there is a line "skeyserver hkp://subkeys.pgp.net"
Is this a correct server for downloading the "public key" needed
to verify your encrypted sig.

How can I know your keys? no matter the public or the private. 
Shall I set "pgp_getkeys_command"? I do not how to set it.
I am sorry if this is not a mutt-relevant subject.

YeFei
On 2006-06-16, Kyle Wheeler (kyle-mutt@xxxxxxxxxxxxxx) wrote:
> On Friday, June 16 at 03:25 PM, quoth Ye Fei:
> > As my understanding, "set crypt_verify_sig=no" means does not verify 
> > the crypt signature.
> 
> You are correct, that's exactly what it means.
> 
> > But sorry for my stupid question, why does people send message to a 
> > mailing list with a crypt signature which can not be verified by 
> > others?
> 
> Most likely, they send it because they either have accidentally 
> misconfigured their mailer, or because they do not know how to produce 
> a correct signature.
> 
> > What do I need to verify the signature correctly?
> 
> For the sake of double-checking, make sure your pgp_* settings are 
> correct. For example (each setting all on one line, of course):
> 
> set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch 
> --output - -verify %s %f"
> 
> set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? 
> --no-verbose --quiet --batch --output - %f"
> 
> set pgp_decode_command="gpg --status-fd=2 %?p?--passphrase-fd 0? 
> --no-verbose --quiet --batch --output - %f"
> 
> There are more, of course, for correctly signing messages, but the 
> above should be enough to let you correctly verify messages, as long 
> as gpg is in your $PATH (otherwise, put the full path to gpg in each 
> line).
> 
> ~Kyle
> -- 
> It only takes 20 years for a liberal to become a conservative without 
> changing a single idea.
>                                                 -- Robert Anton Wilson