gnupg and hushmail, and deleting keys/revoking
David Picon Alvarez
Wed Mar 19 07:34:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
> c:\\gnupg\\gpg.exe --batch --no-tty --status-fd 2 --comment 'Using GnuPG
> with Mozilla - http://enigmail.mozdev.org' -a -e -s --always-trust
> --encrypt-to <email@example.com> -r <firstname.lastname@example.org> -u
> <email@example.com> --passphrase-fd 0
> gpg:<firstname.lastname@example.org>:skipped: public key not found
> gpg: [stdin]: sign+encrypt failed: public key not found
I'm not entirely certain about this, since I've given up on HushMail due to
the amount of trouble it causes me to use. Basically, one reason why the
keys might not be found is because IIRC HushMail does NOT follow the OpenPGP
standard (or at least good manners) when creating user IDs and does NOT
place the e-mail address in the e-mail field of the UID between angle
brackets. OTOH, I might be entirely off track and it may be a
misconfiguration issue, but if you try on the command-line to encrypt to the
addresses and they work, that's probably the case. I don't know if you can
convince Enigmail to get rid of the angle rackets in the invocation, or to
use key IDs instead (good idea anyway).
You can revoke a key by issuing and subsequently importing a revocation
certificate for such key like this:
gpg -o revoke.txt --gen-revoke KEYID
and follow the prompts which are simple enough. After which
gpg --import revoke.txt
is in order, after which you should re-distribute your key (through e-mail,
keyservers or whatever means appropriate).
You cannot, AFAIK, at present, delete a key from a keyserver, but revoking
it should make clear that it's not to be used.
-----BEGIN PGP SIGNATURE-----
Comment: This message is digitally signed and can be verified for authenticity.
-----END PGP SIGNATURE-----