gnus: Security
3.31 Security
=============
Gnus is able to verify signed messages or decrypt encrypted messages.
The formats that are supported are PGP, PGP/MIME and S/MIME, however you
need some external programs to get things to work:
1. To handle PGP and PGP/MIME messages, you have to install an OpenPGP
implementation such as GnuPG. The Lisp interface to GnuPG included
with Emacs is called EasyPG (
EasyPG (epa)Top.), but PGG
(PGG (pgg)Top.), and Mailcrypt are also supported.
2. To handle S/MIME message, you need to install OpenSSL. OpenSSL
0.9.6 or newer is recommended.
The variables that control security functionality on
reading/composing messages include:
‘mm-verify-option’
Option of verifying signed parts. ‘never’, not verify; ‘always’,
always verify; ‘known’, only verify known protocols. Otherwise,
ask user.
‘mm-decrypt-option’
Option of decrypting encrypted parts. ‘never’, no decryption;
‘always’, always decrypt; ‘known’, only decrypt known protocols.
Otherwise, ask user.
‘mm-sign-option’
Option of creating signed parts. ‘nil’, use default signing keys;
‘guided’, ask user to select signing keys from the menu.
‘mm-encrypt-option’
Option of creating encrypted parts. ‘nil’, use the first
public-key matching the ‘From:’ header as the recipient; ‘guided’,
ask user to select recipient keys from the menu.
‘mml1991-use’
Symbol indicating elisp interface to OpenPGP implementation for PGP
messages. The default is ‘epg’, but ‘pgg’, and ‘mailcrypt’ are
also supported although deprecated. By default, Gnus uses the
first available interface in this order.
‘mml2015-use’
Symbol indicating elisp interface to OpenPGP implementation for
PGP/MIME messages. The default is ‘epg’, but ‘pgg’, and
‘mailcrypt’ are also supported although deprecated. By default,
Gnus uses the first available interface in this order.
By default the buttons that display security information are not
shown, because they clutter reading the actual e-mail. You can type ‘K
b’ manually to display the information. Use the
‘gnus-buttonized-mime-types’ and ‘gnus-unbuttonized-mime-types’
variables to control this permanently. MIME Commands for
further details, and hints on how to customize these variables to always
display security information.
Snarfing OpenPGP keys (i.e., importing keys from articles into your
key ring) is not supported explicitly through a menu item or command,
rather Gnus do detect and label keys as ‘application/pgp-keys’, allowing
you to specify whatever action you think is appropriate through the
usual MIME infrastructure. You can use a ‘~/.mailcap’ entry (
mailcap (emacs-mime)mailcap.) such as the following to import keys
using GNU Privacy Guard when you click on the MIME button (Using
MIME).
application/pgp-keys; gpg --import --interactive --verbose; needsterminal
This happens to also be the default action defined in
‘mailcap-mime-data’.
More information on how to set things for sending outgoing signed and
encrypted messages up can be found in the message manual (
Security (message)Security.).
Info Catalog
gnus: Duplicate Suppression
gnus: Summary Buffer
gnus: Mailing List