all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* Verifying signed mail in Gnus
@ 2022-10-31 10:24 Angel de Vicente
  2022-10-31 11:48 ` Akib Azmain Turja
  0 siblings, 1 reply; 10+ messages in thread
From: Angel de Vicente @ 2022-10-31 10:24 UTC (permalink / raw)
  To: help-gnu-emacs

[-- Attachment #1: Type: text/plain, Size: 2151 bytes --]

Hello,

it is only yesterday that I started worrying about signing/encrypting
mails, so I still have plenty of holes in my understanding of the
process in order to have a simple and secure workflow.

So here I go with some questions, based on some real scenarios that I
tried to solve today and for which I'm not sure how to proceed:

1) I got a signed mail from someone for which I don't have his public
key. I tried to use the EasyPG epa-search-keys command, but found that
the keyserver I'm using (epa-keyserver: "keys.openpgp.org") doesn't have
that key. Is it not possible (via a command prefix) to change the
keyserver to be searched by that function? I thought keyservers
exchanged information so at the end all had basically the same keys? Am
I mistaken?

2) Once I have the public PGP key of someone, I know how to sign it, so
its trust becomes "full", which Gnus shows nicely:

,----
| [[PGP Encrypted Part:OK]]
|
| [[PGP Signed Part:Good signature from 5CA8B9B7XXXXXXXX XXXXXX
| X. XXXXXXXXXX <XXXXXX@XXX.XX> (trust full) created at
| 2022-10-31T09:54:05+0000 using RSA]]
`----

but now I got an e-mail from someone using S/MIME, and despite reading
that GnuPG should be able to handle S/MIME certificates, I'm not sure
how to do it. Is there something similar to `epa-search-keys` but for
certificates? I guess since we are dealing with certificates here, I
don't need to get the individual certificate of this person, but just
the certificate for the Certification Authority, but how to find the
certificate, and how to do the equivalent of the signing above, so trust
will go from "undefined" to "full"?

,----
| [[S/MIME Signed Part:Good signature from
| DD733F6DFA9EBA0303FXXXXXXXXXXXXXXXXXXXXX /CN=XXXXX XXXXXX XXXXXX
| XXXXXXXX/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
| Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust undefined)]]
`----

Thanks for any pointers.

Cheers,
-- 
Ángel de Vicente                 -- (GPG: 0x64D9FDAE7CD5E939)
 Research Software Engineer (Supercomputing and BigData)
 Instituto de Astrofísica de Canarias (https://www.iac.es/en)

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 702 bytes --]

^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2022-11-03  8:53 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-10-31 10:24 Verifying signed mail in Gnus Angel de Vicente
2022-10-31 11:48 ` Akib Azmain Turja
2022-10-31 12:30   ` Angel de Vicente
2022-10-31 17:04     ` Akib Azmain Turja
2022-10-31 19:53     ` Uwe Brauer
2022-11-02 20:52       ` Björn Bidar
2022-11-02 23:53         ` Tomas Hlavaty
2022-11-03  5:24           ` Björn Bidar
2022-11-03  8:53             ` Tomas Hlavaty
2022-10-31 19:18   ` GH

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.