diff options
Diffstat (limited to 'doc/PGP-Notes.txt')
| -rw-r--r-- | doc/PGP-Notes.txt | 187 |
1 files changed, 187 insertions, 0 deletions
diff --git a/doc/PGP-Notes.txt b/doc/PGP-Notes.txt new file mode 100644 index 00000000..82be1b20 --- /dev/null +++ b/doc/PGP-Notes.txt @@ -0,0 +1,187 @@ + + + + USING PGP FROM WITHIN MUTT + + + Thomas Roessler <roessler@guug.de> + Fri Jun 5 12:28:52 CEST 1998 + + +While encryption, verification and signing of messages are +done by an externally invoked PGP binary, the key +selection process is handled by mutt itself. The public +key ring (2.6 or 5.0 format) is parsed; PGP's cached trust +parameters are evaluated and used to select the proper +numerical key IDs for a message's recipients. These key +IDs are then passed to the external PGP binary on the +command line. + +The current document contains a short description of the +PGP related configuration options mutt permits you to set, +and some frequently asked questions and tips with respect +to using Mutt with PGP. + + +PGP settings +------------ + +There are quite a few aspects of mutt's PGP usage you may +want to customize. First, you can use different versions +of PGP for composing and decrypting/verifying messages, +and for handling key ring stuff. These versions are +controlled by the following set of variables: + + pgp_default_version + pgp_send_version + pgp_receive_version + pgp_key_version + +Valid values for all of these variables include "pgp5" and +"pgp2". + +The last three variables may be set to "default" (which is +the default); in this case, the value of +$pgp_default_version will be used. + + +$pgp_send_version controls the version of pgp used for +composing new messages. $pgp_receive_version is used for +decrypting messages and verifying signatures. +$pgp_key_version is the one which is used for key ring +operations (importing keys from messages, exporting keys +from your public key ring). + +Since the different PGP versions may use different key +rings and need different language settings, the following +variables can be used to configure these aspects: + + - Language settings: + $pgp_v2_language, $pgp_v5_language + + - Public key ring: + $pgp_v2_pubring, $pgp_v5_pubring + + - Secret key ring: + $pgp_v2_secring, $pgp_v5_secring + + - PGP itself: + $pgp_v2, $pgp_v5 + + Note that PGP 5 comes in several binaries (pgps, pgpk, + pgpv, pgp). Mutt assumes that these binaries reside + in the same directory; $pgp_v5 should point to the + "pgp" binary from PGP 5. + +For all of these variables, we use "reasonable" defaults +which should work for most users. + +Support for the GNU Privacy Guard (GPG) is currently +worked on. + + +The value of the variable $pgp_sign_micalg will show up in +the "micalg" parameter of MIME headers when creating RFC +2015 signatures. + +Valid values are "pgp-md5", "pgp-sha1", and "pgp-rmd160". + +If you select a signing key using the "sign as" option on +the compose menu, mutt will automagically figure out the +correct value to put into this variable, but it does not +know about the user's default key. + +So if you are (by default) using an RSA key for signing, +set this variable to "pgp-md5", if you use a PGP 5 DSS key +for signing, say "pgp-sha1". + + + +Frequently Asked Questions and Tips +----------------------------------- + +Q: "How do it get PGP 5 support working?" + +It should work out of the box - just put the following +into your ~/.muttrc: + + set pgp_default_version=pgp5 + + +Q: "People are sending PGP messages which mutt doesn't + recognize. What can I do?" + +Add the following lines to your ~/.procmailrc (you are +using procmail, aren't you?): + +------------------------------ + + ## + ## PGP + ## + + :0 H + * ^Content-Type: text + { + :0 fBw + * ^-----BEGIN PGP MESSAGE----- + | formail -I "Content-Type: application/pgp; format=text; x-action=encryptsign" + + :0 fBw + * ^-----BEGIN PGP SIGNED MESSAGE----- + | formail -I "Content-Type: application/pgp; format=text; x-action=sign" + } + + ## + ## Add a "Content-Type: application/pgp" header so Mutt will know the + ## mail is encrypted. + ## + + :0 fBw + * ^-----BEGIN PGP MESSAGE----- + | formail -a "Content-Type: application/pgp; format=text; x-action=encryptsign" + + ## + ## Add a "Content-Type: application/pgp" header so Mutt will know the + ## mail is signed. + ## + + :0 fBw + * ^-----BEGIN PGP SIGNED MESSAGE----- + | formail -a "Content-Type: application/pgp; format=text; x-action=sign" + +------------------------------ + + +Q: "I don't like that PGP/MIME stuff, but want to use the + old way of PGP-signing my mails. Can't you include + that with mutt?" + +No. Application/pgp is not really suited to a world with +MIME, non-textual body parts and similar things. Anyway, +if you really want to generate these old-style +attachments, include the following macro in your ~/.muttrc +(line breaks for readability, this is actually one line): + + macro compose S "Fpgp +verbose=0 -fast + +clearsig=on\ny^T^Uapplication/pgp; format=text; + x-action=sign\n" + + + +Q: "I don't like all the ^Gs and various other verbosity + PGP is presenting me with." + +Roland Rosenfeld <roland@spinnaker.rhein.de> has found a +quite elegant solution to this problem: PGP has some +pretty good foreign language support. So we just +introduce a language called "mutt" which contains empty +strings for the messages we don't want to see. To use +this, copy either language.txt or language50.txt +(depending on what PGP version you are using) to your +$PGPPATH and add the following line to your muttrc: + + set pgp_language="mutt" + +For PGP 2.6, a German version called "muttde" is available +as well. |