Getting started with signatures.

Todd Todd <Freedom_Lover@pobox.com>
Sun May 11 10:03:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Daniel Carrera wrote:
> Hello all,

Hi.

> I'm trying to get started with email signatures.  I already got my email
> client (Mutt) to sign my outgoing messages.

Hooray for mutt!  :)

> - Upload my public key to keyservers so my signatures can be verified.

gpg --send-keys <your_keyid>

That also assumes you have set a keyserver in your gpg.conf file.  If not,
you'll need to add a --keyserver option on the command line.

> - Get other people's public keys so I can verify their signatures.

You can grab particular keys from the keyserver using

gpg --recv-keys <keyid>

Or you could use the auto-key retrieval option to have gpg try and get any
keys you don't already have when it is verifying a signature.  The pros and
cons of this were discussed here in the past day or so.

> If anyone is using Mutt, perhaps I could get some Mutt-specific help: It
> looks like Mutt is not even trying to verify any of the signed messages
> other than my own.

That may well be an issue of the pgp signature format.  Mutt uses PGP/MIME
by default and that's all well and good.  However, most MUAs simply can't
(or won't) send and receive mail in this format.  They just put an OpenPGP
block in the message body.  You can make mutt check these signatures in
several ways.  The recommended way in 1.4 and above is to use the
check-traditional-pgp function, which is bound to ESC P by default.  The
other way is to use procmail to munge the message headers.  See the
PGP-Notes.txt file that comes with mutt for details on how to do that.

I prefer to leave the messages intact and I take advantage of a nice mutt
patch that forces mutt to check for traditional (inline) pgp signatures[1].
That way I don't have to hit ESC P all the time.  I also use traditional
(inline) signatures for most of my list mail since that is the more widely
supported format.  This can also be made easier with a patch[2].  Check the
mutt-users list archives for more discussion on this (it comes up pretty
regularly).

[1] http://www.pizzashack.org/mutt/
[2] http://www.woolridge.org/mutt/pgp-menu-traditional.html

- -- 
Todd              OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
============================================================================
We can have justice whenever those who have not been injured by injustice
are as outraged by it as those who have been.
    -- Solon (594 B.C.)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQE+vgQIuv+09NZUB1oRAs8vAKCgoohqZ7iQ20tkACVMhSN6Y1mVVQCfQuaq
pOA0zRWlNhqEof4Rant9+ZY=
=LoKW
-----END PGP SIGNATURE-----
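
The reply above distinguishes PGP/MIME signatures from traditional (inline) ones; as an added example (not part of the original post and not mutt's own code), this Python sketch classifies a raw message by that distinction, which is a quick way to see why a PGP/MIME-only check skips a message. The function name and the sample messages are constructed for illustration.

```python
import email
from email import policy

CLEARSIGN = "-----BEGIN PGP SIGNED MESSAGE-----"
SIGNATURE = "-----BEGIN PGP SIGNATURE-----"

def classify_pgp_signature(raw: str) -> str:
    """Return 'pgp-mime', 'inline' or 'none' for a raw RFC 822 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    # PGP/MIME: the signature lives in the MIME structure, not the body text.
    if msg.get_content_type() == "multipart/signed":
        protocol = (msg.get_param("protocol") or "").lower()
        if protocol == "application/pgp-signature":
            return "pgp-mime"
    # Traditional: a clearsigned block inside a text part. The armor lines
    # must start the line, so a "> "-quoted copy in a reply does not count.
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        lines = [ln.rstrip() for ln in part.get_content().splitlines()]
        if CLEARSIGN in lines:
            start = lines.index(CLEARSIGN)
            if SIGNATURE in lines[start:]:
                return "inline"
    return "none"

# Constructed sample messages (signature bodies are placeholders).
PGP_MIME = (
    "From: a@example.org\n"
    "Content-Type: multipart/signed; micalg=pgp-sha1;\n"
    ' protocol="application/pgp-signature"; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nhello\n"
    "--b1\nContent-Type: application/pgp-signature\n\n"
    "-----BEGIN PGP SIGNATURE-----\n(placeholder)\n-----END PGP SIGNATURE-----\n"
    "--b1--\n"
)
INLINE = (
    "From: b@example.org\nContent-Type: text/plain\n\n"
    "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nhello\n"
    "-----BEGIN PGP SIGNATURE-----\n(placeholder)\n-----END PGP SIGNATURE-----\n"
)
QUOTED = (
    "From: c@example.org\nContent-Type: text/plain\n\n"
    "> -----BEGIN PGP SIGNED MESSAGE-----\n> hello\n"
    "> -----BEGIN PGP SIGNATURE-----\n"
)

if __name__ == "__main__":
    for name, raw in (("PGP_MIME", PGP_MIME), ("INLINE", INLINE), ("QUOTED", QUOTED)):
        print(name, classify_pgp_signature(raw))
```

A result of 'inline' marks the messages that need the check-traditional-pgp function mentioned in the reply; the actual verification is still done by gpg.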