Using gpg with mutt

David Benfell gnupg-users@gnupg.org
Sun Dec 16 04:06:01 2001


--B4IIlcmfBL/1gGOG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Dec 11, 2001 at 09:51:11AM -0500, Justin R. Miller wrote:
> Thus spake mike ledoux (mwl+gnupg@alumni.unh.edu):
>=20
> > > Is there a way to make mutt know that a email sent from something
> > > like pine or a windows MUA is signed.. i havent been able to find
> > > any doc on it.  The only info ive found was for procmail andi i dont
> > > use that.  I have a local email server on my box that I use.  Does
> > > any one have any ideas thanks
> >=20
> > No, Mutt is broken in this respect--the procmail solution that the
> > Mutt developers always point to is severely flawed in many respects.
>=20
> I believe that the Esc-P option was added in Mutt 1.3.x -- you might
> want to try that branch, as it has had several betas towards 1.4 so far
> and has little or no problems.  The latest is 1.3.24.  Then clearsigned
> messages can be checked with that key combination, and while the folder
> is still open, they will be treated as PGP/MIME.=20
>=20
Thank you for pointing this out.  I hadn't seen it documented but have
now been off experimenting with it.  (I'm running Mutt 1.3.23i
(2001-10-09).)  Once you've applied <ESC>P to an e-mail, Mutt seems to
remember that it's a signed e-mail even if you change folders and come
back.  The PGP signature block which Mutt had previously failed to
recognize disappears and is replaced by a dialog at the beginning of
the message indicating the results of the gnupg session.  This is
really cool.

Curiously, the most recent CERT advisory, dealing with openssh issues,
comes up with a bad signature.  I checked the one before it, dealing
with login issues, and it came up okay.  So I'm kind of scratching my
head...

I believe the most recent CERT advisory is valid; most of the
information it contained is information I'd seen before.  (I've posted
it at http://www.greybeard95a.com/openssh-cert-advisory .)  So I'm
wondering why the signature came up as a BAD signature.

--=20
David Benfell, LCP
benfell@parts-unknown.org
---
Resume available at http://www.parts-unknown.org/resume.html

--B4IIlcmfBL/1gGOG
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iQEXAwUBPBwO7Xw5zqzgtjVOFAOzIwP+KQ0HhUOtLv5CSNNzgaYpgSwJQWcWcz7S
iiCKLx1dh1dVndNtwyn8Ii37v1jXtWFXXa3dk1uzlX75VMErOvVqDhKYVYA85GHk
jakdqyenaU7nq7hojI4pFmqBg+eeYy5KYttDWOe+EaDY3jo1xz+gm6xrNIT7OUvr
F5L2+nzS4RoEAIPL0y3KVu6BIkK2ZQ+RberxcnA7MBFlNIrLH1yx3qhURyqjc4sJ
fyIimt/HFLQNH8254DkxMWTxoZlLVUPEqwtdGtTN+ka66yo5nP9pparE96aqqGIr
8rVol1Qg2QKxh3Zj0GE6AB9xbERTCZXLyGv1hFQUDBBOKDiWVa8IYSD5
=RGR7
-----END PGP SIGNATURE-----

--B4IIlcmfBL/1gGOG--