On 12 Oct 2002 00:20:53 -0400, Robert L. Cochran wrote: > I notice that some of you are using digital signatures now, and I want > to do that also. If you've watched my habits on these lists, you probably have noticed that most of the time I haven't signed my messages. Unfortunately, there are both address harvesters and virus-infected users reading these lists. The most recent incident where a virus-infected message was mass-mailed with the name of Chris Kloiber made me reconsider. I'm signing my messages with GPG signatures by default again. Especially since I have planned to switch public mail addresses more frequently when spam requires it. > Is there a good getting-started document on this, > especially with respect to digitally signing emails in Evolution? In Menu > Tools > Mail Settings > Edit > Security enter the user ID or key ID of your PGP/GPG key, e.g. in my case it's "mschwendt". To optionally sign a message, check Menu > Security > PGP Sign in the compose window. Docs on GNUPG can be found via $ rpm -qd gnupg for instance, or the web, of course. ;) > When I see a digitally signed mail from, say, Michael Schwendt, I'm > invited to click on the "lock" icon which appears below the text of > his mail. The lock opens and I get several lines of text to he effect > that the authenticity of the email could not be verified because the > public key isn't available. Since Michael is not including his public > key in the email -- That would be a NO, NO! If I included my public key with each message, would you notice if anyone replaced the key and signed the message with the replaced key? > at least, Evolution shows me nothing -- I assume > he (and several others) are using key servers. How can I point > Evolution to the right key servers? If need be, GNUPG can be configured like that in ~/.gnupg/options. However, it can also be the source of nasty delays. And not every key is on the keyservers.
Attachment:
pgp00116.pgp
Description: PGP signature
