On 06/28/2013 11:05 AM, David Bremner wrote:
> Daniel Patterson <dbp@dbpmail.net> writes:
> 
>> One thing I forgot to mention - I have notmuch running on a remote
>> server through ssh. I don't really imagine this would be an issue, but
>> maybe? (I also have the library installed locally, for emacs).
> 
> The verification of the message happens in the notmuch CLI, so on the
> the remote host. I guess the downloading is happening on the local host,
> so that is quite possibly the problem.

i'm quite sure this is the problem, that was a relevant bit of info to
include :)

Daniel: on your remote host, have you tried fetching the relevant keys
into your gpg keyring?  you don't need to create any secret key material
on the remote host, just fetch the keys as you normally would any other
user's public key material; then you'll want to mark your own key as
"ultimately" trusted on the remote host.

So, for example, on the remote host:

 gpg --keyserver ha.pool.sks-keyservers.net --recv
0x36EEAD9EA53D20B79C383EED2747EC48A98D4AF0

 gpg --edit-key 0x36EEAD9EA53D20B79C383EED2747EC48A98D4AF0 trust

you'll want to maintain this public keyring on that host to be able to
verify the messages, but you don't need to do anything else with it.

this makes me wonder if the actions that get triggered on those
"unverified" crypto buttons in the display interface need to be
customizable to send the commands to a remote gpg as well, instead of
assuming that they are local.

please report back with how that works for you!

	--dkg