help-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Verifying signed mail in Gnus

From: Akib Azmain Turja
Subject: Re: Verifying signed mail in Gnus
Date: Mon, 31 Oct 2022 17:48:42 +0600 
Angel de Vicente <angel.vicente.garrido@gmail.com> writes:

> Hello,
>
> it is only yesterday that I started worrying about signing/encrypting
> mails, so I still have plenty of holes in my understanding of the
> process in order to have a simple and secure workflow.
>
> So here I go with some questions, based on some real scenarios that I
> tried to solve today and for which I'm not sure how to proceed:
>
> 1) I got a signed mail from someone for which I don't have his public
> key. I tried to use the EasyPG epa-search-keys command, but found that
> the keyserver I'm using (epa-keyserver: "keys.openpgp.org") doesn't have
> that key. Is it not possible (via a command prefix) to change the
> keyserver to be searched by that function? I thought keyservers
> exchanged information so at the end all had basically the same keys? Am
> I mistaken?
>
> 2) Once I have the public PGP key of someone, I know how to sign it, so
> its trust becomes "full", which Gnus shows nicely:
>
> ,----
> | [[PGP Encrypted Part:OK]]
> |
> | [[PGP Signed Part:Good signature from 5CA8B9B7XXXXXXXX XXXXXX
> | X. XXXXXXXXXX <XXXXXX@XXX.XX> (trust full) created at
> | 2022-10-31T09:54:05+0000 using RSA]]
> `----
>
> but now I got an e-mail from someone using S/MIME, and despite reading
> that GnuPG should be able to handle S/MIME certificates, I'm not sure
> how to do it. Is there something similar to `epa-search-keys` but for
> certificates? I guess since we are dealing with certificates here, I
> don't need to get the individual certificate of this person, but just
> the certificate for the Certification Authority, but how to find the
> certificate, and how to do the equivalent of the signing above, so trust
> will go from "undefined" to "full"?
>
> ,----
> | [[S/MIME Signed Part:Good signature from
> | DD733F6DFA9EBA0303FXXXXXXXXXXXXXXXXXXXXX /CN=XXXXX XXXXXX XXXXXX
> | XXXXXXXX/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
> | Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust undefined)]]
> `----
>
> Thanks for any pointers.
>
> Cheers,

How did you make Gnus display those nice messages?  My Gnus doesn't do
that (but ask me for password for decrypting mails).

-- 
Akib Azmain Turja

Find me on Mastodon at @akib@hostux.social, and on Codeberg (user
"akib").

This message is signed by me with my GnuPG key.  Its fingerprint is:

    7001 8CE5 819F 17A3 BBA6  66AF E74F 0EFA 922A E7F5

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]