You can read encrypted or signed PGP or GPG messages with MH-E21. This section assumes that you already have a good understanding of GPG and have set up your keys appropriately.
If someone sends you a signed message, here is what you’ll see:
[[PGP Signed Part:Bill Wohler <wohler@stop.mail-abuse.org>]] This is a signed message. [[End of PGP Signed Part]]
If the key for the given signature is not in your keychain, you’ll be given the opportunity to fetch the key from a key server and verify the key. If the message is really large, the verification process can take a long time. You can press C-g at any time to cancel22.
If the signature doesn’t check out, you might see something like this:
[[PGP Signed Part:Failed]] This is a signed message. This is garbage added after the signature was made. [[End of PGP Signed Part]]
If someone sends you an encrypted message, MH-E will ask for your passphrase to decrypt the message. You should see something like this:
[[PGP Encrypted Part:OK]] [[PGP Signed Part:Bill Wohler <wohler@stop.mail-abuse.org>]] This is the secret message. [[End of PGP Signed Part]] [[End of PGP Encrypted Part]]
If there is a problem decrypting the message, the button will say:
[[PGP Encrypted Part:Failed]]
You can read the contents of this button using the methods described in Viewing Attachments. If the message were corrupted, you’d see this:
[[PGP Encrypted Part:Failed] Invalid base64 data]
If your passphrase were incorrect, you’d see something like this:
[GNUPG:] ENC_TO CD9C88BB610BD9AD 1 0 [GNUPG:] USERID_HINT CD9C88BB610BD9AD Bill Wohler <wohler@stop.mail-abuse.org> [GNUPG:] NEED_PASSPHRASE CD9C88BB610BD9AD CD9C88BB610BD9AD 1 0 [GNUPG:] BAD_PASSPHRASE CD9C88BB610BD9AD gpg: encrypted with 1024-bit RSA key, ID 610BD9AD, created 1997-09-09 "Bill Wohler <wohler@stop.mail-abuse.org>" gpg: public key decryption failed: bad passphrase [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_FAILED gpg: decryption failed: secret key not available [GNUPG:] END_DECRYPTION gpg exited abnormally: '2'
The appearance of the buttons is controlled by the faces
mh-show-pgg-good
, mh-show-pgg-bad
, and
mh-show-pgg-unknown
depending on the validity of the signature.
The latter is used whether the signature is unknown or untrusted.
MIME Security with OpenPGP is documented in RFC 3156. However, MH-E can also decrypt old-style PGP messages that are not in MIME format.
Unfortunately in the current version, the validation process doesn’t display a message so it appears that MH-E has hung. We hope that this will be fixed in the future.