PGP/MIME signature verification

David Bremner david at tethera.net
Mon Dec 13 14:02:41 PST 2010


On Sat, 27 Nov 2010 14:35:03 -0500, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> hey folks--
> 
> the signature-verification branch on my git repo [0] contains functional
> PGP/MIME signature verification if you supply the --verify argument to
> 
>  notmuch show --format=json
> 
> It relies on gpg being in the path, and on the user having the signer's
> key in their gnupg keyring.
> 
> The patchset depends on the MIME reorganization produced initially by
> dme (and rebased against 0.5 in my mp3-on-0.5 branch).

I had a look at dkg's patch and it looks reasonable to me. Except for
the small amount of self described "crufty boilplate" which I was too
lazy to understand.  I also compiled and ran it, it seemed to work OK on
the two test cases I had handy.  

I've started writing a testsuite for the Mail::GnuPG perl module;
perhaps the messages in
        
        http://pivot.cs.unb.ca/git/?p=mail-gnupg.git;a=tree;f=t/msg

can be helpful for testing notmuch as well. 

d


More information about the notmuch mailing list