
Re: please explain purpose of pgp_decode_command/pgp_good_sign



On Tue, Dec 16, 2003 at 08:57:24AM -0800, seberino@xxxxxxxxxxxxxxx wrote:

> > > There is a pgp_decrypt_command so decode does NOT mean decryption.
> >
> > However, you need to decode the PGP signature if you hope to be able to
> > verify anybody's signature (including your own).
> 
> So to "decode" just means parsing the signature and other housekeeping 
> duties???

"other housekeeping duties?"  It "parses" (not much parsing, really)
the signature, and feeds it to PGP along with the message.

> Why do we need a variable to tweak this behavior then??  I'm guessing
> that most people probably don't change this?

Well, one obvious case is the problem that Mutt has no way of knowing
whether you use PGP or GPG, and where either of the above is installed.
Another neat case is my own:

$ grep decode ~/.mutt/gpg.rc
# decode application/pgp
set pgp_decode_command="gpg.mutt   %?p?--passphrase-fd 0? --no-verbose --quiet  --batch  --output - %f"

$ cat ~/bin/gpg.mutt
#!/bin/sh
# Private temp file for gpg's stderr, instead of a fixed name in /tmp:
tmp=$(mktemp) || exit 1
trap 'rm -f "$tmp"' EXIT
# "$@" keeps each argument (e.g. a file name with spaces) intact:
/usr/local/bin/gpg -q "$@" 2>"$tmp"
# The backtick trick gets rid of the trailing newline easily (to save a line in
# the Mutt display):
echo -n "`grep gpg "$tmp" | grep -i correct`" >&2
# useful for debugging:
#cat "$tmp" >&2
# We run /bin/true here so the return value is always zero.  pgp_good_sign is
# a much better way of telling good sigs from bad ones:
true

> > > Also, what is need for pgp_good_sign??
> >
> > pgp_good_sign is useful to set if your PGP/GPG return code is bogus.
> 
> I read the part below too.  If the return code is bogus then that is
> a fault of the PGP/GPG app not mutt.  It seems another approach could have
> been for mutt to insist the PGP/GPG fix the return code if it is broken
> rather than trying to work around the bug.

Asking somebody to "fix" a return code presupposes that it's broken,
which brings us to the question of. . .

> Are there some cases where the return code is different for good reason
> and we DON'T want to modify it??

I don't know whether or not it's actually done, but gpg could certainly
return different values depending on how trusted the signature is,
and such info would be mighty useful.  Unfortunately, Mutt would
misinterpret it.  One solution is a wrapper around gpg (like I did), but
Mutt provides a much simpler workaround: if you know that a certain string
is printed by gpg if the signature is correct and only if it's correct
("iff" it's correct, for you Mathematics majors here), Mutt can simply
look for that string.  (As you can tell, I combine both of the above.)

HTH,
 - Dave

-- 
Uncle Cosmo, why do they call this a word processor?
It's simple, Skyler.  You've seen what food processors do to food, right?

Please visit this link:
http://rotter.net/israel

Attachment: pgpNCvmPOG7qb.pgp
Description: PGP signature
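
The idea behind pgp_good_sign described in the message above (decide from a string that appears if and only if the signature is good, because the wrapper's exit code is always zero), as an added example that is not part of the original post. It assumes gpg is run with `--status-fd` so that machine-readable `[GNUPG:]` lines are available; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Sample lines are constructed.

# Stand-in for a wrapper like the one in the post: it prints the status text
# it is given and always exits 0, so the exit code says nothing.
always_zero_wrapper() {
    printf '%s\n' "$1"
    true
}

# Print good, bad or unknown for gpg --status-fd text read from stdin.
sig_verdict() {
    status=$(cat)
    # Any failure line wins, even if another signature on the message is good.
    # Counting expired/revoked results as "bad" is a policy choice made here.
    if printf '%s\n' "$status" |
        grep -Eq '^\[GNUPG:] (BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG) '; then
        echo bad
    # Anchored at line start: the keyword appearing mid-line does not count.
    elif printf '%s\n' "$status" | grep -q '^\[GNUPG:] GOODSIG '; then
        echo good
    else
        echo unknown   # no status line at all, e.g. gpg never ran
    fi
}

GOOD_SAMPLE='[GNUPG:] GOODSIG 0123456789ABCDEF Constructed User <user@example.org>'
BAD_SAMPLE='[GNUPG:] BADSIG 0123456789ABCDEF Constructed User <user@example.org>'
NOISE_SAMPLE='> match the line "[GNUPG:] GOODSIG " in your muttrc'

# check SAMPLE: run the wrapper, then report "<exit code> <verdict>".
check() {
    out=$(always_zero_wrapper "$1"); rc=$?
    echo "$rc $(printf '%s\n' "$out" | sig_verdict)"
}

check "$GOOD_SAMPLE"
check "$BAD_SAMPLE"
check "$NOISE_SAMPLE"
check "$GOOD_SAMPLE
$BAD_SAMPLE"
```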