trinity-users@lists.pearsoncomputing.net

Message: previous - next
Month: April 2018

Re: Re: Kmail-TDE-PM-pgp

From: deloptes <deloptes@...>
Date: Mon, 30 Apr 2018 18:52:56 +0200
Gene Heskett wrote:

> Heck, I've fooled around because I do get signed messages, but I've yet
> to figure out how to get a successfull verification that the signage is
> correct. Setup needs help with setup.  Humm, isn't that a circular
> dependency? ;-/

If you use Kmail or Knode it would do the work for you. You just need to
maintain your keylists properly - perhaps in Kgpg. So as soon as you verify
a key, you alter the key trust level - the next time you open an email
signed with the key, it should show green, or yellow.

Otherwise you can use gpg on the command line to verify the message. The
purpose of the signature is to verify that this is exactly the message,
that was sent, so the whole message is passed trough gnupg. The signature
can also be used to identify the public key of the sender

I don't see redundancy - just another level of work (likebehind the
curtains).

regards