Re: [Djigzo users] Import PGP keys from E-Mail

Wed, 02 Jul 2014 01:38:27 -0700 


Zitat von Martijn Brinkers <[email protected]>:


On 07/02/2014 10:26 AM, [email protected] wrote:


Zitat von Martijn Brinkers <[email protected]>:


On 07/02/2014 10:05 AM, [email protected] wrote:

we have set "Import keys from e-mail" in the global advanced settings
for PGP, the rest of PGP settings are default. As of today we have no
PGP key in the database and today i detected a mail which should have
leaved a key behind. The header of the mail in question is:

X-Djigzo-Info-PGP-Encoding: PGP/MIME
X-Djigzo-Info-PGP-Signer-KeyID: DEBE62E439E84227
X-Djigzo-Info-PGP-Signature-Valid: False
X-Djigzo-Info-PGP-Signature-Failure: Signer's key with key ID
DEBE62E439E84227
 not found.


Is this because the mailing list software break the signature or what am
i missing here?


Currently only PGP keys which are attached as a application/pgp-keys
attachment are imported, i.e., import of inline keys is not yet
supported. This will be added to a new release as an optional features.
Scanning for inline keys requires scanning the complete email.


Hm, yes i read it and no we have not checked the "inline" case. But
because of "X-Djigzo-Info-PGP-Encoding: PGP/MIME" and

Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

inside the mail i thought this should be a matching case, no?


Can you check whether the key was attached as a application/pgp-keys
attachment or whether it was an inline key.


Don't know much about PGP...
So the above is only the crypto checksum, not the actual "certificate"
(public key)??


With S/MIME, normally (although not required) the signing certificate is
embedded within the S/MIME signature. With PGP this is not the case. If
you want to send a key by email, you need to explicitly attach the key.
The Key ID, is something similar to a fingerprint of a certificate. A
long key ID is practically unique (a key ID is generated based on the
fingerprint). You can search for the key with the key ID on the PGP key
servers and import it. Most keys are stored on the key servers (but not
all)
Ok, got it. I guess that is one of the points why PGP is even less used in business environments than S/MIME... 

Regards

Andreas

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Users mailing list
[email protected]
https://lists.djigzo.com/lists/listinfo/users

Reply via email to