From: Akib Azmain Turja <akib@disroot.org>
To: Angel de Vicente <angel.vicente.garrido@gmail.com>
Cc: help-gnu-emacs@gnu.org
Subject: Re: Verifying signed mail in Gnus
Date: Mon, 31 Oct 2022 17:48:42 +0600 [thread overview]
Message-ID: <87pme8w6w5.fsf@disroot.org> (raw)
In-Reply-To: <87a65cz3xl.fsf@gmail.com> (Angel de Vicente's message of "Mon, 31 Oct 2022 10:24:22 +0000")
[-- Attachment #1: Type: text/plain, Size: 2470 bytes --]
Angel de Vicente <angel.vicente.garrido@gmail.com> writes:
> Hello,
>
> it is only yesterday that I started worrying about signing/encrypting
> mails, so I still have plenty of holes in my understanding of the
> process in order to have a simple and secure workflow.
>
> So here I go with some questions, based on some real scenarios that I
> tried to solve today and for which I'm not sure how to proceed:
>
> 1) I got a signed mail from someone for which I don't have his public
> key. I tried to use the EasyPG epa-search-keys command, but found that
> the keyserver I'm using (epa-keyserver: "keys.openpgp.org") doesn't have
> that key. Is it not possible (via a command prefix) to change the
> keyserver to be searched by that function? I thought keyservers
> exchanged information so at the end all had basically the same keys? Am
> I mistaken?
>
> 2) Once I have the public PGP key of someone, I know how to sign it, so
> its trust becomes "full", which Gnus shows nicely:
>
> ,----
> | [[PGP Encrypted Part:OK]]
> |
> | [[PGP Signed Part:Good signature from 5CA8B9B7XXXXXXXX XXXXXX
> | X. XXXXXXXXXX <XXXXXX@XXX.XX> (trust full) created at
> | 2022-10-31T09:54:05+0000 using RSA]]
> `----
>
> but now I got an e-mail from someone using S/MIME, and despite reading
> that GnuPG should be able to handle S/MIME certificates, I'm not sure
> how to do it. Is there something similar to `epa-search-keys` but for
> certificates? I guess since we are dealing with certificates here, I
> don't need to get the individual certificate of this person, but just
> the certificate for the Certification Authority, but how to find the
> certificate, and how to do the equivalent of the signing above, so trust
> will go from "undefined" to "full"?
>
> ,----
> | [[S/MIME Signed Part:Good signature from
> | DD733F6DFA9EBA0303FXXXXXXXXXXXXXXXXXXXXX /CN=XXXXX XXXXXX XXXXXX
> | XXXXXXXX/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
> | Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust undefined)]]
> `----
>
> Thanks for any pointers.
>
> Cheers,
How did you make Gnus display those nice messages? My Gnus doesn't do
that (but ask me for password for decrypting mails).
--
Akib Azmain Turja
Find me on Mastodon at @akib@hostux.social, and on Codeberg (user
"akib").
This message is signed by me with my GnuPG key. Its fingerprint is:
7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next prev parent reply other threads:[~2022-10-31 11:48 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-31 10:24 Verifying signed mail in Gnus Angel de Vicente
2022-10-31 11:48 ` Akib Azmain Turja [this message]
2022-10-31 12:30 ` Angel de Vicente
2022-10-31 17:04 ` Akib Azmain Turja
2022-10-31 19:53 ` Uwe Brauer
2022-11-02 20:52 ` Björn Bidar
2022-11-02 23:53 ` Tomas Hlavaty
2022-11-03 5:24 ` Björn Bidar
2022-11-03 8:53 ` Tomas Hlavaty
2022-10-31 19:18 ` GH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pme8w6w5.fsf@disroot.org \
--to=akib@disroot.org \
--cc=angel.vicente.garrido@gmail.com \
--cc=help-gnu-emacs@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).