Hello,
I'm using mutt-1.7.0 with gpgme (newest self-compiled version of gnupg).
For me all mails in the above thread have a valid signature with the
exception of the last two from Jean-Christophe Bach. But I'm pretty sure it is
because your clock is wrong. Because your signature is from 1970:
[-- Begin signature information --]
*BAD* signature from: Jean-Christophe Bach (personal address) <jc.bach@???>
aka: Jean-Christophe Bach (www.april.org) <jcbach@???>
aka: Jean-Christophe Bach (www.fsf.org) <jc.bach@???>
aka: Jean-Christophe Bach (Personal - LDN infrastructure) <jc@???>
created: Thu Jan 1 01:00:00 1970
[-- End signature information --]
Can you check your local time?
For others, this is how I build gnupg:

    apt-get install texinfo transfig bison flex libbz2-dev libsqlite3-dev \
        libgnutls28-dev pkg-config libusb-1.0-0-dev libssl-dev \
        libpam0g-dev checkinstall yubikey-server-c

Find the build script, my GPG, GPGSM, GPGAgent configuration attached. In mutt
I just have configured:

    set crypt_use_gpgme=yes
This is how I currently import SMIME certificates:

    # On the workstation where gpg-agent is running:
    # Import root certificate
    gpgsm --import root.ca
    # Trust Root Certificate
    gpgsm -k --with-validation
    # Import Keypair p12 or pem
    gpgsm --import thomas_glanzmann_2018_09.p12

    # On the remote system that invokes gpgsm git gpg agent forwarding:
    vim .gnupg/gpgsm.conf
    encrypt-to 0x11FC2AA1
    include-certs -1

References:
http://wiki.mutt.org/?MuttGuide/UseSMIME
http://www.schmut.com/cheat-sheets/s-mime-key-management
https://wiki.netbsd.org/users/wiz/mutt-smime/
I'm using a yubikey 4 smartcard with my GPG key on it, which I use with ssh
agent forwarding and gpg agent forwarding from my local machine to a remote
machine, where I run mutt. The smime key is on my local disk but encrypted with
a local transport passphrase. So are revoked old gpg keys.
Cheers,
Thomas
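
An added example, not part of the original message: a Python check that parses mutt-style signature information blocks and flags a "created:" time that sits at the Unix epoch, as in the block quoted above, or lies in the future. The second sample block, its "Good signature from:" line and all function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the block quoted in the message (shortened) plus one
# made-up signature with an ordinary creation time.
SAMPLE = """\
[-- Begin signature information --]
*BAD* signature from: Jean-Christophe Bach (personal address) <jc.bach@???>
created: Thu Jan 1 01:00:00 1970
[-- End signature information --]
[-- Begin signature information --]
Good signature from: Example Signer <signer@example.org>
created: Mon Sep 12 09:15:42 2016
[-- End signature information --]
"""

BLOCK = re.compile(r"\[-- Begin signature information --\]\n(.*?)"
                   r"\[-- End signature information --\]", re.S)
HEAD = re.compile(r"^(\*BAD\* signature|Good signature) from:\s*(.+)$", re.M)
CREATED = re.compile(r"^created:\s*(.+)$", re.M)
EPOCH = datetime(1970, 1, 1)

def classify(created, now):
    """Label a creation time shown in local time without a zone."""
    # UTC offsets span -12h..+14h, so epoch 0 can display anywhere in this window.
    if abs(created - EPOCH) <= timedelta(hours=14):
        return "epoch-zero"
    if created > now + timedelta(days=1):
        return "future"
    return "plausible"

def audit(text, now):
    """Return (status, signer, verdict) for each signature information block."""
    results = []
    for block in BLOCK.finditer(text):
        head = HEAD.search(block.group(1))
        when = CREATED.search(block.group(1))
        if not head or not when:
            continue  # block without a signer or a creation line
        stamp = " ".join(when.group(1).split())  # collapse padded day numbers
        created = datetime.strptime(stamp, "%a %b %d %H:%M:%S %Y")
        status = "bad" if head.group(1).startswith("*BAD*") else "good"
        results.append((status, head.group(2).strip(), classify(created, now)))
    return results

if __name__ == "__main__":
    for row in audit(SAMPLE, datetime(2016, 9, 20)):
        print(row)
```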