Re: [off-topic?] X-PGP- headers (was Re: Suggestion: pgpmimeuser command)

[David T-G]

Daniel --

...and then Daniel González Gasull said...
% Hi! :-)
% 
% Myself wrote To Mutt users:
% 
% > list to ask it, but, are there any standard email
% > headers to say something like this?:

This was the important part of your first post, we note.


% > 
% > X-PGP-Advocacy: Hey, I prefer to receive messages encrypted with PGP
% > X-PGP-PubKey: 0xEEA93A69
% > X-PGP-FingerPrint: A3 8C 93 C0 B8 47 78 0C  37 85 44 59 63 32 8A 68
% > X-PGP-KeyServer: http://keyserver.foo.org
% > 
% > Then perhaps the MUAs will be able to automatically
% > reply a message encrypted retrieving the public key

gpg, BTW, can already be configured to automatically retrieve any unknown
keys from your favorite keyserver.  And it even supports multiple
keyrings, so your "normal" keyring won't be too ugly.


...
% David T-G <[EMAIL PROTECTED]> wrote To Mutt users:
% 
% > I don't know of any standard way to put X-PGP*
% > headers into your outgoing email, and so you can
% > do it any way you wish, but mutt can match on
% > arbitrary headers (and then execute commands)
% > if you can only get other folks to craft those
% > headers for you...
% 
% Cannot Mutt create a standard similar to this?

mutt, while doing Everything Right and sucking much less than any other
mail program, is not the vehicle for standards creation; that's what RFCs
are for.  Someone else who loves some other mailer might just decide to
do the same thing only differently, and then you have to different
"standards" out there bot floating in limbo.

I vaguely recall this happening before with some header, like perhaps
X-Mailer:, and it created something of a mess a few years down the line.


% 
% Most of the people today is using no cryptography in
% their email messages, even the people who knows or

I think we'll change this more through education and popularization than
through creating a "standard" that is supposed to help people find the
info about the keyid.  So start signing everything you send, and put that
stuff in your headers if you wish, and put a link to PGP sources (or your
own private "this is how to work this PGP stuff" web page) in your header
or .sig, and wait for folks to flock to your door -- er, email address.


% use PGP.  It's because nobody wants to download the
% key, add it to the public keyring, reply the
% message, and then delete a key that you probably
% won't use any more.  Too much work.  A standard as I
% say would make people use PGP with any guy who
% already use PGP.  Then more of the message we
% send/receive would be encrypted.

If you want that, then all you should need is gpg.


% 
% What do you think?

It's certainly fine if you start putting that in the headers of your
messages, but I wouldn't expect mutt to lead that charge...


% 
% Thank you in advance.

HTH & HAND


% 
% -- 
% Daniel González Gasull   __  Eighty percent of air
% [EMAIL PROTECTED]   ,  ," e`-o   pollution comes from
% PGP RSA key 1024/EEA93A69  (( (  | _,'   plants and trees.
%   A3 8C 93 C0 B8 47 78 0C   \\~--' `-'/   -- Ronald Reagan,
%   37 85 44 59 63 32 8A 68   /) .___. )   famous movie star
%((_(   ((_(  hjw  


:-D
-- 
David T-G   * It's easier to fight for one's principles
(play) [EMAIL PROTECTED]  * than to live up to them. -- fortune cookie
(work) [EMAIL PROTECTED]
http://www.bigfoot.com/~davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
The "new millennium" starts at the beginning of 2001.  There was no year 0.
Note: If bigfoot.com gives you fits, try sector13.org in its place. *sigh*


 PGP signature

Re: Suggestion: pgpmimeuser command

[David T-G]

Daniel --

My, I'm busy this morning :-)

...and then Daniel González Gasull said...
% Hi! :-)
% 
% David T-G <[EMAIL PROTECTED]> wrote To Mutt users:
% 
% > You may find everything you wanted for the
% > pgpmimeuser setting in v1.2 and up (currently
% > 1.2.2 AFAIK), since there is now a clearsign mode.
...
% 
% Thanx.  I've just installed Mutt 1.2i.  But with it
% I can send application/pgp messages, but not
% text/plain messages with PGP (unless I use a
% script).

Ah, but you can.  Take a look at contrib/pgp6.rc in the source tree, and
pay particular attention to the lines

  # create a pgp/mime signed attachment
  set pgp_sign_command=...
  # create a pgp/mime encrypted attachment
  set pgp_encrypt_only_command=...
  # create a pgp/mime encrypted and signed attachment
  set pgp_encrypt_sign_command="...
  # create a clearsigned message
  set pgp_clearsign_command=...

and let us know how that works for you.  I hsould think that it would
work for any version of PGP, but it's only in the pgp6 file.


% 
% The fact is that I only use PGP with people who
% cannot manage PGP/MIME or application/pgp messages.

Fine; a few folks are in that position.


% 
% I suggest that it can be added to Mutt.

Your wish has been granted :-)  You should have been here a year ago to
see the religious wars about this!


% 
% -- 
% Daniel González Gasull   La gente tiene poco
% [EMAIL PROTECTED] .~.control sobre la
% PGP RSA key 1024/EEA93A69 /V\globalización.
%   A3 8C 93 C0 B8 47 78 0C// \\-- Manuel Castells
%   37 85 44 59 63 32 8A 68   /(   )\  
%  ^`~'^   


:-D
-- 
David T-G   * It's easier to fight for one's principles
(play) [EMAIL PROTECTED]  * than to live up to them. -- fortune cookie
(work) [EMAIL PROTECTED]
http://www.bigfoot.com/~davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
The "new millennium" starts at the beginning of 2001.  There was no year 0.
Note: If bigfoot.com gives you fits, try sector13.org in its place. *sigh*


 PGP signature

Re: Suggestion: pgpmimeuser command

[David T-G]

Daniel --

You may find everything you wanted for the pgpmimeuser setting in v1.2
and up (currently 1.2.2 AFAIK), since there is now a clearsign mode.
With a [few] send-hook[s], you should be able to define whatever settings
you wish for whatever recipients you have.  You shouldn't have ever had
to go to an external script anyway; a macro would have done the trick
for you nicely...

I don't know of any standard way to put X-PGP* headers into your outgoing
email, and so you can do it any way you wish, but mutt can match on arbitrary
headers (and then execute commands) if you can only get other folks to craft  
those headers for you...


At any rate, thanks for your ideas, and keep thinking :-)

:-D
-- 
David T-G   * It's easier to fight for one's principles
(play) [EMAIL PROTECTED]  * than to live up to them. -- fortune cookie
(work) [EMAIL PROTECTED]
http://www.bigfoot.com/~davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
The "new millennium" starts at the beginning of 2001.  There was no year 0.
Note: If bigfoot.com gives you fits, try sector13.org in its place. *sigh*


 PGP signature