Return-Path: <dbp@dbpmail.net>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 15FA2431FB6
	for <notmuch@notmuchmail.org>; Sat, 29 Jun 2013 08:24:57 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Amavis-Alert: BAD HEADER SECTION, Improper folded header field made up
	entirely of whitespace (char 20 hex): X-Spam-Report: ...T_ADDRESS@@
	for details.\n \n Content previ[...]
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level: 
X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none]
	autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id tpjZjLiiF28f for <notmuch@notmuchmail.org>;
	Sat, 29 Jun 2013 08:24:47 -0700 (PDT)
Received: from dbpmail.net (dbpmail.net [192.81.216.215])
	(using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
	(No client certificate requested)
	by olra.theworths.org (Postfix) with ESMTPS id A31B8431FAE
	for <notmuch@notmuchmail.org>; Sat, 29 Jun 2013 08:24:47 -0700 (PDT)
Received: from ip68-230-153-180.ri.ri.cox.net ([68.230.153.180] helo=thinkpad)
	by dbpmail.net with esmtpsa (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128)
	(Exim 4.80) (envelope-from <dbp@dbpmail.net>)
	id 1Usx11-0000yZ-Ix; Sat, 29 Jun 2013 15:24:44 +0000
From: Daniel Patterson <dbp@dbpmail.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
	David Bremner <david@tethera.net>
Subject: Re: Emacs not finding keys to verify signatures
In-Reply-To: <51CDA80A.9050700@fifthhorseman.net>
References:
 <87sj07a72g.fsf@thinkpad.i-did-not-set--mail-host-address--so-tickle-me>
	<87sj028ovv.fsf@zancas.localnet> <87ehbmpeg5.fsf@mbp.dbpmail.net>
	<87zjua9sxi.fsf@convex-new.cs.unb.ca>	<51CDA80A.9050700@fifthhorseman.net>
User-Agent: Notmuch/0.15.2 (http://notmuchmail.org) Emacs/24.2.1
	(i686-pc-linux-gnu)
Date: Sat, 29 Jun 2013 11:24:31 -0400
Message-ID:
 <878v1tdjo0.fsf@thinkpad.i-did-not-set--mail-host-address--so-tickle-me>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha1; protocol="application/pgp-signature"
Cc: notmuch@notmuchmail.org
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jun 2013 15:24:57 -0000

--=-=-=
Content-Type: text/plain

Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> Daniel: on your remote host, have you tried fetching the relevant keys
> into your gpg keyring?  you don't need to create any secret key material
> on the remote host, just fetch the keys as you normally would any other
> user's public key material; then you'll want to mark your own key as
> "ultimately" trusted on the remote host.

This works. Thanks a lot!

> you'll want to maintain this public keyring on that host to be able to
> verify the messages, but you don't need to do anything else with it.
>
> this makes me wonder if the actions that get triggered on those
> "unverified" crypto buttons in the display interface need to be
> customizable to send the commands to a remote gpg as well, instead of
> assuming that they are local.

Yeah, it would be good if there were a hook to be able to send to remote
gpg... because everything else works so smoothly with simple
wrappers. Even if it were just a matter of setting a custom gpg command
(like gpg-notmuch, which would be a shell script that would send the
calls to the remote gpg).

With notmuch, I can just override the command itself, because there is
no local meaning... but I obviously don't want to override gpg globally
- only in the context of adding public keys.

--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJRzvwvAAoJECdH7EipjUrwpU4P/23cHU/B9rDiZUZHs2cg5p6g
uukk4WLNCvwb8rlO8BQ7lMfyl+1KhSCJR6OEItwzzrR99TeLqOVGqvMVl6WqAiqM
+L0+JT8wUOZ1ll9fr3hcHjBqkxYvf8zqJ+zVpNb+s97vhqjgExObZXMr5kv/Bffu
d/u2qtfpEc2c0vW/4XKD/RPWNyrLKS4ushsWFMefTSNHxhqmwhZfTNMCdNtCNRtD
OD99I43iMnTzlx2q/73GcT+1LapSOiu4Xny2eLmBb3KQl8t5Mn8BzUavyDdw97YV
/eb11mS/LfUndnVtCxcCYkC0F8YQIibnq+PVLm94U8geGws94VsPlmua5V4/tJJn
7AdPqiIrgDiQ94r+J06vlKX6X6xVuK01/SZrxqtoAJRyTyBElWh87KVYq6zUeVs0
vhw6jN8jZgxG/bJEC+OU8s9mMMKBkkC+ylCf2ODjMLN9KNQPUMU4x22gPFNVB6EH
exkiFBCB4VVjiiD4FtQeWoaf+6parcygeZka0BghlkyfGUwp6xWqHA1P+xaIDjeA
o/T12gSgbEnT5b++J8GhKC58Rtv6nKGliZlepvZSRaZxckhFZwNqqCLrH1m+bEOn
XPhoymks3pqPCvWzBhTIjvfZC7e0i/g93URu7bsQyVHRKTwd6RV9Cjh1T0y3e+IW
69EFFYotAHxMq/Q7iwNg
=jwVp
-----END PGP SIGNATURE-----
--=-=-=--