PGP/MIME signature verification

Jameson Rollins jrollins at finestructure.net
Mon Dec 20 10:22:07 PST 2010


On Sat, 27 Nov 2010 14:35:03 -0500, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> the signature-verification branch on my git repo [0] contains functional
> PGP/MIME signature verification if you supply the --verify argument to
> 
>  notmuch show --format=json
> 
> It relies on gpg being in the path, and on the user having the signer's
> key in their gnupg keyring.

I was able to merge dkg's signature-verification branch on top of
cworth's current master head (b3caef1f) with only a tiny
easily-resolvable conflict.  It seems to work exactly as advertised, and
I wholeheartedly approve and endorse this patch set for inclusion
upstream:

Approved-and-Tested-By: Jameson Rollins <jrollins at finestructure.net>

I have pushed a merged "signature-verification" branch to my repo, along
with a single commit to fix an errant newline in the json --verify
output:

git://finestructure.net/notmuch

Carl: can you give an indication of whether or not you intend to
ultimately accept this patch set?  If so, I would like to start work on
representing signature verification information in the emacs UI.  I want
to make sure that we're good with this effort first, though.

We should probably also start a conversation about how best to represent
the signature verification info.  I'll bring that up in a separate
thread, though.

dkg: again, great work on this!  Thanks!

Next up: decrypting!

jamie.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20101220/749f9af2/attachment.pgp>


More information about the notmuch mailing list