Hi there,
> Sometimes I view mails with an OpenPGP signature without having the
> corresponding certificate, then I get the error:
>
> > Can't verify due to a missing key or certificate
>
> Does anyone have a good macro to retrieve that specific OpenPGP
> certificate and re-check the signature?
I’m not aware of any such built-in functionality. Mainly because there
are too many ways to do that.
One way to deal with it could be to feed the sender’s address to GPG and
try to find the key through the usual channels:
gpg --auto-key-locate clear,nodefault,wkd,dane,cert,pka,keyserver
--locate-keys sen...@example.org
Nicer yet if there was an external script that would extract the sender
from the email on its own, and then use `pipemessage`.
But that’s not covering all the cases yet: there are headers that should
be considered:
- Autocrypt (may contain the public key)
- OpenPGP (may contain the key ID or a URL to the public key)
When you have the key ID, you can start searching on other places yet,
like keybase.io.
So, what I’m saying is: I don’t know of such a macro or such a script;
but I suspect someone somewhere on the internet must have written it!
Please let me know if you find such a script!
Robert
