Re: PGP/MIME signature verification

Subject: Re: PGP/MIME signature verification

Date: Mon, 20 Dec 2010 13:22:07 -0500

To: Daniel Kahn Gillmor, notmuch

Cc:

From: Jameson Rollins


On Sat, 27 Nov 2010 14:35:03 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> the signature-verification branch on my git repo [0] contains functional
> PGP/MIME signature verification if you supply the --verify argument to
> 
>  notmuch show --format=json
> 
> It relies on gpg being in the path, and on the user having the signer's
> key in their gnupg keyring.

I was able to merge dkg's signature-verification branch on top of
cworth's current master head (b3caef1f) with only a tiny
easily-resolvable conflict.  It seems to work exactly as advertised, and
I wholeheartedly approve and endorse this patch set for inclusion
upstream:

Approved-and-Tested-By: Jameson Rollins <jrollins@finestructure.net>

I have pushed a merged "signature-verification" branch to my repo, along
with a single commit to fix an errant newline in the json --verify
output:

git://finestructure.net/notmuch

Carl: can you give an indication of whether or not you intend to
ultimately accept this patch set?  If so, I would like to start work on
representing signature verification information in the emacs UI.  I want
to make sure that we're good with this effort first, though.

We should probably also start a conversation about how best to represent
the signature verification info.  I'll bring that up in a separate
thread, though.

dkg: again, great work on this!  Thanks!

Next up: decrypting!

jamie.
part-000.sig (application/pgp-signature)

Thread: