Copyright (C) 2000-2012 |
GNU Info (mailcrypt.info)Key FetchingKey Fetching ************ Mailcrypt knows how to fetch PGP public keys from the key servers (Note: Key Servers). The function `mc-pgp-fetch-key' is bound by default to `C-c / k' in both `mc-read-mode' and `mc-write-mode'. Additionally, `mc-encrypt', `mc-decrypt', and `mc-verify' will offer to call this function to automatically fetch a desired key. If you call it manually, it will prompt you for the User ID of the key to fetch. The variable `mc-pgp-fetch-methods' is a list of ways to attempt to fetch a key. (More precisely, it is a list of functions to be called, each of which will attempt to fetch the key.) The methods will be tried in the order listed. The default list is: '(mc-pgp-fetch-from-keyrings mc-pgp-fetch-from-finger mc-pgp-fetch-from-http) For a description of these functions, see the following sections. If you are not directly on the Internet, you probably want to obtain a copy of the global public key ring from the keyservers, install it somewhere under the name `public-keys.pgp', and do: (setq mc-pgp-fetch-methods '(mc-pgp-fetch-from-keyrings)) (setq mc-pgp-fetch-keyring-list '("/blah/blah/blah/public-keys.pgp")) This will allow you to fetch keys from your local copy of the global key ring instead of sending requests to the key servers directly (Note: Keyring Fetch). Alternately, if your organization has a proxy HTTP server, you can configure Mailcrypt to use that. See Note: HTTP Fetch. If the key is found, you will be shown the result of running PGP on it locally. This allows you to inspect the signatures on the key _relative to your own keyring_ before you consent to having it added. *Inspect the signatures carefully!* Key distribution is often the Achilles' heel of public key protocols. If you blindly use keys obtained from the key servers, you are asking for trouble. All of the methods use `mc-pgp-fetch-timeout' as a timeout in seconds; the default value is 30.
automatically generated by info2www version 1.2.2.9 |