Re: Complaints about GPG Key

[Pawel Salek <pawsa theochem kth se>]

On 12/08/2008 08:36:08 PM, Albrecht Dreß wrote:
> Am 08.12.08 19:52 schrieb(en) Geoffrey Leach:
> > Popup begins, "Checking the signature ....". The mail item itself  
> > has a little red padlock (cute!) and a note at the bottom that  
> > begins, "PGP signature: The signature could not be verified due to a  
> > missing key."
>
> Well, the last message says it all...  the gpg engine ejects with a  
> fatal error.  Methods to solve this effect:
>
> - Add the statement "keyserver-options auto-key-retrieve" to your  
> ~/.gnupg/gpg.conf file.  Gpg will then automagically try to retrieve  
> the key.  Basically, there is no good reason why you shouldn't add  
> these keys to you local key ring; if you don't sign them, you don't  
> trust them, and consequently balsa will show you a yellow padlock.   
> However, it still can check the integrity of the message itself (this  
> is how the "web of trust" is supposed to work).
>
> - Right-click on the mailbox folder, select Properties, and say  
> "never" for "Decrypt and check signatures automatically".  As to  
> check a signature or to decrypt an encrypted message, you now have to  
> use the button in the headers box manually.  The message will pop  
> only if you issue the check.

Is there any way we can help the user with it? Can we provide the  
information as above somehow? It feels that auto-key-retrieve should be  
default, can balsa make it easier for the user to set it as default.  
Say, when balsa starts up, it could check for the presence of this  
option, and if absent, display a dialog (that can be disabled with a  
simple "don't show it again").

Pawel