
2.4 Visualizing cipher or signature

Basic commands such as ‘SPC’ also visualize signed or encrypted messages. Let's start with a simple example:

 
 S03/18 Kanda PC shop  A written estimate        |Here is a written esti
 E03/21 Anonymous      Secret message            |

Messages above are marked with ‘S’ and ‘E’, respectively. This means that the body of the first message is signed and that of the second message is encrypted.

PGP/MIME and S/MIME also allow signing and/or encrypting only some parts of a message. In this case, these marks do not appear. The ‘S’ or ‘E’ mark appears only when the entire body of the message is signed or encrypted.

The terms "sign" and "encrypt" used above mean that the last procedure applied to the body is "sign" and "encryption", respectively. The above examples may have been produced with more complex processes. For instance, in the case of the former message, the body may have been signed after encrypting the body. It is likely that some part of the latter message was first signed and then the body was encrypted.

If some parts or the entire body is encrypted, Mew asks you to input your pass-phrase to get the plain text. See section Starting for what you should pay attention to when inputting your pass-phrase. The pass-phrase is used to decrypt your secret key. The secret key is then used to decrypt the cipher text.

To visualize a cipher message, you need to input your pass-phrase every time you encounter cipher text. This is because Mew does not cache pass-phrases anywhere for security reasons. If you feel this is inconvenient, you can configure Mew to cache your pass-phrase. See section Password for more information.

Since decrypted messages are cached for a while, you may not be asked for your pass-phrase the next time you display the message, even if you are not using the pass-phrase cache.

To verify signatures, senders' public keys are used. Hence you are not asked to type your pass-phrase.

Since Mew automatically verifies signatures and/or decrypts cipher text with a pass-phrase, it is likely that users do not notice that the original message has signatures and/or which parts were encrypted.

To inform users of the results of signature verification and of which parts were decrypted, Mew inserts the X-Mew: field in the header as follows:

 
X-Mew: <body> PGP decrypted.
       Good PGP sign "kazu@example.org" COMPLETE

The number enclosed by "<>" indicates which part was protected with PGP. "body" means the body was protected. This example tells us that the body was signed by kazu then encrypted for the reader. Mew first decrypted the message and then verified the signature of the decrypted message. The fact that the signature is valid indicates that no one has modified the content of the message since it was signed by the secret key whose ID is kazu@example.org. The validity of the public key used to verify the signature is "complete". Thus, the receiver can be sure that the public key actually belongs to the user indicated by the ID. That is, this message was verified by a reliable public key AND its results were correct, so no alteration was found.

In the following example, the signature of the body (multipart) is first verified, then part 2 (a message) is decrypted. That is, when the message was composed, part 2 was first encrypted and then the entire body was signed.

 
X-Mew: <body multi> Good PGP sign "kazu@example.org" COMPLETE
X-Mew: <2 message> PGP decrypted.

Intelligent users may wonder what happens in the case where a devious person sends a message that contains an invalid X-Mew: field. This is not a problem. First Mew carefully removes the X-Mew: field, and then inserts a valid X-Mew: field into the header.
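The following added example (Python, not Mew's own code) shows why that removal has to work on whole header fields: a strip that matches the exact prefix line by line leaves behind a lowercase `x-mew:` field and its folded continuation line. The sample header is constructed, the function names are hypothetical, and placing the new field at the end of the header is an assumption.

```python
# Added illustration; not Mew's code. The sample message is constructed.
RESULT_FIELD = "x-mew"

def split_fields(raw_header):
    """Split a header block into fields, keeping folded (indented) lines attached."""
    fields = []
    for line in raw_header.splitlines():
        if line[:1] in (" ", "\t") and fields:
            fields[-1] += "\n" + line      # continuation of the previous field
        elif line:
            fields.append(line)
    return fields

def field_name(field):
    """Field names are case-insensitive; compare them in lowercase."""
    return field.split(":", 1)[0].strip().lower()

def naive_strip(raw_header):
    """Weak form: exact-case prefix match per line; misses 'x-mew:' and folded lines."""
    return [l for l in raw_header.splitlines() if not l.startswith("X-Mew:")]

def replace_result_fields(raw_header, local_results):
    """Remove every received X-Mew: field, then add the locally produced results."""
    kept = [f for f in split_fields(raw_header) if field_name(f) != RESULT_FIELD]
    return kept + ["X-Mew: " + r for r in local_results]

def claims_good_signature(fields):
    """Header lines or fields that would tell the reader a signature verified."""
    return [f for f in fields if "Good PGP sign" in f]

# Constructed header: the sender has planted two result fields of their own.
RECEIVED = (
    "From: someone@example.net\n"
    "Subject: A written estimate\n"
    "x-mew: <body> PGP decrypted.\n"
    '       Good PGP sign "kazu@example.org" COMPLETE\n'
    'X-Mew: <body multi> Good PGP sign "kazu@example.org" COMPLETE\n'
    "To: reader@example.org\n"
)
# What the local check found (wording taken from the page's own example).
LOCAL = ["<body multi> No his/her public key. ID = 0x1B8BF431"]

if __name__ == "__main__":
    print(claims_good_signature(naive_strip(RECEIVED)))   # planted claim survives
    print("\n".join(replace_result_fields(RECEIVED, LOCAL)))
```
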

About PGP/MIME:

The X-Mew: field also informs the user of various other types of results, for example the lack of availability of a public key or a decryption failure. The following example indicates the absence of a public key whose key ID is 0x1B8BF431.

 
X-Mew: <body multi> No his/her public key. ID = 0x1B8BF431

In this case, if you type ‘C-cC-f’, Mew tries to fetch this public key. You can interactively select a public key server. If the X-Mew: field does not exist, ‘C-cC-f’ takes the From: field as the ID. Also, ‘C-uC-cC-f’ extracts key IDs from the fields specified in ‘mew-x-pgp-key-list’ in addition to the X-Mew: field, and then tries to fetch them.

Mew supports PGPv2, PGPv5, and GNUPG. You can select one of these by typing ‘C-cC-v’ in Summary mode. If you want to use those PGPs, you should set the command names of PGPv2, PGPv5, and GNUPG in ‘mew-prog-pgp2’, ‘mew-prog-pgp5’, and ‘mew-prog-gpg’, respectively. Also, set the default PGP name in ‘mew-prog-pgp’. Note that pass-phrases are cached independently for each PGP.

Old-fashioned PGP messages cannot be processed automatically. You can decrypt and/or verify this kind of message with ‘C-cC-z’.



This document was generated by U-X61T\saito on May, 13 2008 using texi2html 1.78.