PGP/WhyDoISignEmails: add instructions for automatically importing keys

This commit is contained in:
Mikaela Suomalainen 2012-12-31 17:04:34 +02:00
parent 12d6bea60c
commit faf3189953
2 changed files with 39 additions and 0 deletions

View File

@ -60,6 +60,20 @@ Why do I sign emails, which I send?
</ol>
<h2 id="but-clearsigned-signature-looks-ugly.">But clearsigned signature looks ugly.</h2>
<p>This is the problem of your email client. If you use <a href="https://mozilla.org/thunderbird">Thunderbird or Icedove or Seamonkey</a>, you can probably install <a href="http://enigmail.mozdev.org/home/index.php.html">Enigmail</a> and that signature block gets hidden. If you use some other email client, please report bug for that package in your distribution or upstream bug tracker.</p>
<p><strong>Enigmail doesn't hide the keyblock unless you import the key</strong></p>
<h2 id="importing-keys-automatically">Importing keys automatically</h2>
<p>To import keys automatically (when you receive email/file/whatever that is signed and you don't have the key), you have two options. Remember that this imports keys of other people too, so you will be seeing less large ugly character messes. :)</p>
<h3 id="enigmail">Enigmail</h3>
<p>Go to &quot;OpenPGP&quot; --&gt; &quot;Settings&quot; --&gt; &quot;Show Expert Settings&quot; --&gt; &quot;Keyserver&quot; and enter keyserver address to the second box. I recommend pool.sks-keyservers.net as it's the most popular. (Please note that I am using Enigmail in Finnish so I have translated these places from Finnish to English, they might have different names to you).</p>
<blockquote>
<p>pool.sks-keyservers.net</p>
</blockquote>
<h3 id="gnupg-level">GnuPG level</h3>
<p>If you are using GPG, you can add two lines to your gpg config file. In Linux and Mac that means ~/.gnupg/gpg.conf, with Windows it means C:.conf (or something like that).</p>
<pre><code>keyserver pool.sks-keyservers.net
keyserver-options no-include-revoked auto-key-retrieve</code></pre>
<p>If you are worried about space usage of your public keyring, you can add &quot;import-clean&quot; or &quot;import-minimal&quot; after &quot;auto-key-retrieve&quot;. The first removes all useless signatures from the key (=signatures from keys that aren't in your keyring) and the second removes all signatures from the key.</p>
<p>I am importing keys fully and I have 118 different public keys in my keyring and the space usage is 4,4M. I am on multiple mailing lists where some people use PGP or GPG.</p>
<h2 id="i-am-on-slow-connection-and-your-signature-is-too-big-for-me.">I am on slow connection and your signature is too big for me.</h2>
<p>And what does that have to do with INLINE signature? In PGP/MIME you would download the same mess, but inside signature.asc file.</p>
<h1 id="other-things">Other things</h1>

View File

@ -123,6 +123,31 @@ your distribution or upstream bug tracker.
[Thunderbird or Icedove or Seamonkey]:https://mozilla.org/thunderbird
[Enigmail]:http://enigmail.mozdev.org/home/index.php.html
<strong>Enigmail doesn't hide the keyblock unless you import the key</strong>
## Importing keys automatically
To import keys automatically (when you receive email/file/whatever that is signed and you don't have the key), you have two options. Remember that this imports keys of other people too, so you will be seeing less large ugly character messes. :)
### Enigmail
Go to "OpenPGP" --> "Settings" --> "Show Expert Settings" --> "Keyserver" and enter keyserver address to the second box. I recommend pool.sks-keyservers.net as it's the most popular. (Please note that I am using Enigmail in Finnish so I have translated these places from Finnish to English, they might have different names to you).
> pool.sks-keyservers.net
### GnuPG level
If you are using GPG, you can add two lines to your gpg config file. In Linux and Mac that means ~/.gnupg/gpg.conf, with Windows it means C:\Users\Username\AppData\Roaming\GnuPG\gpg.conf (or something like that).
```
keyserver pool.sks-keyservers.net
keyserver-options no-include-revoked auto-key-retrieve
```
If you are worried about space usage of your public keyring, you can add "import-clean" or "import-minimal" after "auto-key-retrieve". The first removes all useless signatures from the key (=signatures from keys that aren't in your keyring) and the second removes all signatures from the key.
I am importing keys fully and I have 118 different public keys in my keyring and the space usage is 4,4M. I am on multiple mailing lists where some people use PGP or GPG.
## I am on slow connection and your signature is too big for me.
And what does that have to do with INLINE signature? In PGP/MIME you would