[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
EasyPG for signing and en/decrypting Email
From: |
Suno Ano |
Subject: |
EasyPG for signing and en/decrypting Email |
Date: |
Sun, 05 Apr 2009 13:43:14 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.0.91 (gnu/linux) |
Hi folks,
I hope it is okay that I put few names into CC which I found out (by
looking at the mail archive) shared an interest into this subject during
the last two years or so ...
Due to the lack of documentation on the matter I am trying to
summarize/clarify a few things and when done, put it onto
http://www.emacswiki.org/emacs/EasyPG so others will have an easier path
to gettings things done with regards to signing and en/decrypting
emails.
There are at least 5 threads started by folks, starting with 2007, which
run into the same obstacles as I did
- what do I use i.e. pgg? epg? mailcrypt?
- how do I verify a signature?
- how do I switch key IDs for signing (manually)
- how do I switch key IDs for signing automatically based on what
group I send mail from
Here is what I learned during the past few days:
- pgg and mailcrypt are obsolete. One should use EasyPG now.
- EasyPG ships with current Emacs versions like for example 23.0.91.1,
the one I use
- one can switch among his key IDs signing and/or en/decryption if
needed (lines 9 to 18) below
The other day we had another thread which contained this message of
Thierry
Thierry> if you call `epa-mail-sign' with a prefix arg, you will have
Thierry> an interface to choose your key.
I set (setq mml2015-verbose t) so I get asked which key ID (I have two)
I want to use for both of the following cases: mml-secure-message-sign
as well as epa-mail-sign. Hmmm ... About that ...
- there is the Attachment menu providing us with C-c RET C-s (which for
example invokes mml-secure-message-sign) and friends, but then
- there also is the epa-* set of commands to do the whole signing and
encryption/decryption thing.
So what do I use? The mml-* commands or the epa-* ones?
Below is my current setup
1 (require 'epa)
2
3 (setq mml2015-use 'epg)
4 (setq mml2015-encrypt-to-self t)
5 (setq mml2015-verbose t)
6 (setq mml2015-always-trust nil)
7 (setq mml2015-passphrase-cache-expiry '7200)
8
9 (add-hook 'message-setup-hook
10 (lambda ()
11 (if gnus-newsgroup-name
12 (let ((signers (gnus-group-get-parameter
13 gnus-newsgroup-name
14 'mml2015-signers
15 t)))
16 (if signers
17 (set (make-local-variable 'mml2015-signers)
18 signers))))))
19
20
21 (setq gnus-message-replysign t
22 gnus-message-replyencrypt t
23 gnus-message-replysignencrypted t
24 gnus-treat-x-pgp-sig t
25 mm-verify-option 'always
26 mm-decrypt-option 'always
27 )
28
29 (setq gnus-buttonized-mime-types
30 '("multipart/alternative"
31 "multipart/encrypted"
32 "multipart/signed"))
33
34 (setq mm-coding-system-priorities
35 '(iso-latin-1 iso-latin-9 mule-utf-8))
My question is, signing and choosing a key ID now seems to work because
of line 5.
However, even if I use my own key ID and send mail to myself, verifying
the signature does not seem to work because I see no "[[PGP Signed Part:
Good Signature ...]]" line but just the usual "[[PGP Signed Part:]]"
line i.e. no indication whatsoever Gnus could successfully verify that
(my own) signature.
On the other hand, if I use epa-mail-sign (without a prefix argument)
and then C-c RET P (preview, see Attachment menu), I get the "[[PGP
Signed Part: Good Signature ...]]" line in the preview. Oddly enough,
when I send that mail, the version I receive again only shows "[[PGP
Signed Part:]]".
What is wrong here?
Note: for this post I used C-c RET C-s to sign it with one of my two
keys.
pgpSO0cjbWgOC.pgp
Description: PGP signature
- EasyPG for signing and en/decrypting Email,
Suno Ano <=
Message not available
Re: EasyPG for signing and en/decrypting Email, Daiki Ueno, 2009/04/06