Re: gpg integration
Incoming from Florian Lohoff:
> I am a long time mutt and gpg user but still the gpg integration
> is kind of lacking.

So says you. :-)

> - I'd like to define recipients including their gpg key id to use.

That makes no sense to me. If you're sending to multiple recipients, which key is common to them all? You'd need to send a separate message to each of them signed with their specific key.

I think you'd be better off _signing_ the mail with your key. You don't need to involve their keys at all for that.

--
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -
Re: gpg integration
On Wed, Jan 23, 2013 at 10:43:28AM -0700, s. keeling wrote:
> Incoming from Florian Lohoff:
> > I am a long time mutt and gpg user but still the gpg integration
> > is kind of lacking.
>
> So says you. :-)
>
> > - I'd like to define recipients including their gpg key id to use.
>
> That makes no sense to me. If you're sending to multiple recipients,
> which key is common to them all? You'd need to send a separate
> message to each of them signed with their specific key.

You don't need a common key - the real cipher for the plain mail is a symmetric one which gets attached to the mail encrypted with the gpg keys.

Typically with a single recipient the key is attached at least twice - once encrypted with the real recipient, and once encrypted with your own key. Otherwise you wouldn't be able to read the mails put into your sent folder anymore.

There is no limit on the number of recipients that I am aware of. There is a limit which might be sensible to use, though, as the mail would then contain the symmetric key for every recipient, which in my case adds ~500 bytes per recipient (as for an AES symmetric key and a 4096 bit RSA key).

Please try:

    echo This is my content > test
    gpg -r Bob -r Alice -e test

You will get a test.gpg which will be readable by Bob and Alice's key.

mutt supports this today - you can add multiple recipients and say p b or at least p e and it'll ask for all recipient keys.

I'd like to preset this and let mutt automatically detect whether all recipients are actually gpg enabled and only then encrypt and sign (sign only otherwise).

> I think you'd be better off _signing_ the mail with your key. You
> don't need to involve their keys at all for that.

Aeh!?! I am talking about encrypting large parts of my communication, e.g. certain recipients by default, always if all recipients do have a key.

And yes - _all_ my mails are signed for more than 10 years - that's not the problem.

Flo
--
Florian Lohoff f...@zz.de
Re: gpg integration
Incoming from Florian Lohoff:
> On Wed, Jan 23, 2013 at 10:43:28AM -0700, s. keeling wrote:
> > That makes no sense to me. If you're sending to multiple recipients,
> > which key is common to them all? You'd need to send a separate
>
> There is no limit on the number of recipients that I am aware of, there

I bow to your superior expertise. I had no idea you could stack crypto keys like that,

--
Any technology distinguishable from magic is insufficiently advanced.
(*) :(){ :|: };:
- -
Re: gpg integration
Florian Lohoff wrote:
> I am a long time mutt and gpg user but still the gpg integration
> is kind of lacking.
>
> - I'd like to define recipients including their gpg key id to use.
> - Better - Mutt/Procmail could help by looking out for signed mails
>   which tell the recipient has a mail setup which is gpg enabled
> - On sending email mutt automatically checks if the recipients
>   are _all_ gpg enabled and encrypts automatically with all necessary
>   keys if possible.

Hi Florian,

I like your idea. Sorry I don't have a solution, but just a general suggestion.

At first I thought you might be able to execute a script in a send-hook or send2-hook that would make more intelligent decisions based on the recipients:

    send-hook . 'source check-for-encryption.sh |'

but there doesn't seem to be an obvious way to get at the current message inside the script.

Perhaps another solution would be to create a vim/emacs script that could add a 'Pgp: E' pseudo header to the message, based on the To and Cc headers. You would need to turn on $edit_headers for that to work.

-Kevin
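
The pseudo-header idea from the message above, sketched in Python as an added example that is not part of the thread or of mutt itself. It assumes gpg is on the PATH and that the script is run on the draft file while $edit_headers is set; the function names and that wiring are hypothetical.

```python
#!/usr/bin/env python3
"""Add mutt's 'Pgp: E' pseudo-header only if every To/Cc address has a key."""
import subprocess
import sys
from email import message_from_string
from email.utils import getaddresses


def usable_pub_record(line):
    """One `gpg --with-colons` line: a pub record that is valid and can encrypt."""
    f = line.split(":")
    # Field 2 is validity (i/d/r/e mark an unusable key); field 12 carries an
    # uppercase 'E' when the key as a whole has a usable encryption capability.
    return (len(f) > 11 and f[0] == "pub"
            and f[1] not in ("i", "d", "r", "e") and "E" in f[11])


def gpg_has_encryption_key(addr):
    """True if the local keyring has a usable encryption key for this address."""
    # "<addr>" requests an exact e-mail match, so a substring of some other
    # user ID cannot satisfy the lookup.
    out = subprocess.run(
        ["gpg", "--batch", "--with-colons", "--list-keys", f"<{addr}>"],
        capture_output=True, text=True).stdout
    return any(usable_pub_record(line) for line in out.splitlines())


def recipients(draft):
    """All addresses in the To and Cc headers of a draft (headers, blank, body)."""
    msg = message_from_string(draft)
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return [addr.lower() for _, addr in getaddresses(fields) if addr]


def add_pgp_header(draft, has_key=gpg_has_encryption_key):
    """Return the draft with 'Pgp: E' in its header block, or unchanged."""
    head, sep, body = draft.partition("\n\n")
    rcpts = recipients(draft)
    already = any(l.lower().startswith("pgp:") for l in head.splitlines())
    # One recipient without a key means the mail goes out unencrypted to all.
    if not rcpts or already or not all(has_key(a) for a in rcpts):
        return draft
    return head.rstrip("\n") + "\nPgp: E" + sep + body


if __name__ == "__main__":  # usage (hypothetical wiring): script.py <draft-file>
    with open(sys.argv[1]) as fh:
        text = fh.read()
    with open(sys.argv[1], "w") as fh:
        fh.write(add_pgp_header(text))
```

The key lookup is passed in as `has_key`, so the decision logic can be exercised without a keyring.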