Re: Do you auto fetch GPG keys?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday, June 16 at 05:34 PM, quoth markus reichelt:
>* Kyle Wheeler <kyle-mutt@xxxxxxxxxxxxxx> wrote:
>
>> However, if you are *viewing* an *encrypted* message (like he
>> said), then you obviously have mutt configured at least somewhat
>> correctly. My presumption would be that if you've gotten the pgp
>> settings correct enough to view an encrypted message, you probably
>> have the settings correct for verifying signatures, in which case
>> seeing "PGP signature could NOT be verified." is definitely NOT
>> normal.
>
>Just to clarify things:
>
>Yepp, you're right. Given that the public key in question is in fact
>present in one's public keyring. If that public key is missing the
>message above is as it should be.
Oddly enough, my gpg seems to be much more useful. After disabling
auto-keyfetching, when I tried to verify the signature on your message
(as an example of someone whose key is not in my public keyring), I
got:
gpg: Can't check signature: public key not found
This seems both obvious, and intuititve. Why does your mutt say
something different?
~Kyle
- --
Mathematicians stand on each other's shoulders while computer
scientists stand on each other's toes.
-- R. W. Hamming
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!
iD8DBQFEkvkiBkIOoMqOI14RAkm3AJ4j8EcW0mK2RjWRXzJ7BeXsNdbGPACdGh9K
Op48NSLcctv+ptm4AReTxcA=
=JqQx
-----END PGP SIGNATURE-----