Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> Daniel: on your remote host, have you tried fetching the relevant keys
> into your gpg keyring?  you don't need to create any secret key material
> on the remote host, just fetch the keys as you normally would any other
> user's public key material; then you'll want to mark your own key as
> "ultimately" trusted on the remote host.

This works. Thanks a lot!

> you'll want to maintain this public keyring on that host to be able to
> verify the messages, but you don't need to do anything else with it.
>
> this makes me wonder if the actions that get triggered on those
> "unverified" crypto buttons in the display interface need to be
> customizable to send the commands to a remote gpg as well, instead of
> assuming that they are local.

Yeah, it would be good if there were a hook to be able to send to remote
gpg... because everything else works so smoothly with simple
wrappers. Even if it were just a matter of setting a custom gpg command
(like gpg-notmuch, which would be a shell script that would send the
calls to the remote gpg).

With notmuch, I can just override the command itself, because there is
no local meaning... but I obviously don't want to override gpg globally
- only in the context of adding public keys.