Re: [Evolution] Evolution/GPG

[Tom <tom prost-net de>]

Am Sonntag, den 21.02.2016, 01:42 +0100 schrieb Stig Roar Wangberg:
(...) 
> > > > > > Signature exists but the public key however is
> > > > > > needed/required. 
> > > > > > or
> > > > > > gpg: Signature at the Sa 20 Feb 2016 16:56:34 CET with RSA key,
> > > > > > ID
> > > > > > 7C174863, is carried out. 
> > > > > > gpg: Signature cannot be checked: Public key not found.
> > > > >
> > > > > Oh, I was expecting this from others, like when I don't trust or
> > > > > sign
> > > > > their keys. Hm. I didn't expect from my own private key. So I
> > > > > have to
> > > > > sign and trust my own key too! Like gpg --sign, and level of
> > > > > trust. I
> > > > > wonder if I should trust myself with level 5 ... ;)
> > > > So your expectation is right. Me - as OTHER one - can't trust the
> > > > sender
> > > > is really YOU as far as not having your public key to check if it
> > > > fits
> > > > the private key you signed your mail with. Keeps me hanging on if I
> > > > don't know where to get your public key, except you would be so
> > > > kind to
> > > > send it to me. Easiest way was to include it in your mail
> > > > somewhere.
> > > > I don't know, how Evolution exactly handles this, but the
> > > > mechanisms of
> > > > PKI are simple at last ...
> > >
> > > What happens if you run gpg --recv-keys 7C174863 ? That will give you
> > > my
> > > public key, right? You can also type in my email address in
> > > gpg.mit.edu.
> > > But I'm really curious if my public key-block is supposted to be
> > > attached to my signature? The 7C174863 is already there, yes? I don't
> > > know what people usually do. Probably compare the fingerprints with
> > > each
> > > other before they sign and trust. How Evolution works, I really don't
> > > know. 
> > >
> > > My key weren't confirmed in my sent messages before I trusted my own
> > > key. So I guess that's what other people that trust me have to do
> > > too. 
> >
> > IMHO your public key should be attached/sent with your signature. In
> > that case I could store your public key on my system (evolution) and
> > use it directly to encrypt my messages sent to you.
> > Naturally I could
> > search on gpg.mit.edu, but getting the public key directly would make
> > my life more easy!
> >
> > -- 
> > Rudolf Künzli - rudolf kunzli gmail comSkype: rudolf.kunzli
>
> I don't know how to do that in Evolution. You mean you want my public
> key-block attached as an file (pubkey.asc)? I would think that that
> would be even more work than just typing in gpg --recv 7C174863. 

... for you - yes :-)))