Frequently Asked Questions about the use of MailDocumentation
Copyright (C) Alain Williams <addw@phcomp.co.uk>, 2009

SCCS: @(#)FAQ	1.3 07/01/10 12:53:40

This documentation is release under the Creative Commons with Attribution license:

	http://creativecommons.org/licenses/by/2.0/uk/

This means that you can: copy it & make derivative works as long as you acknowledge
this original document.



GPG questions
*************

g 1) I see error messages like:

	gpg: A50C3FC3: There is no assurance this key belongs to the named user
	gpg: cannot open `/dev/tty': No such device or address
	MailDocumentation: Can't encrypt file for addw@phcomp.co.uk

    This is because you have not ascribed a level of trust to that key.
    To do that run the following command and reply to the prompts:

	$ gpg --sign-key 90610026

g 2) I can't get GPG to work.

    The first time that you work with gpg it can be a bit daunting.

    You will need to create GPG/PGP keys for both the account from which you are
    sending email and the one that are sending mail to. For each account run
    the command:

	$ gpg --gen-key

    You are probably running MailDocumentation from cron, so the account (user)
    that this runs as will need to have a key that is not protected with a
    password - so enter the empty string when prompted in the gen-key command above.

    You can see which keys you have with:

	gpg --list-keys

    Next you need to give the sender the recipient's key, the easiest way
    is (as the sender, put the senders key id, not mine):

	$ gpg --keyserver wwwkeys.uk.pgp.net --send-keys 90610026

    Then as the recipient run something like:

	$ gpg --keyserver wwwkeys.uk.pgp.net --search-keys addw@phcomp.co.uk

    You then, as recipient, need to sign the key that you have just acquired:

	$ gpg --sign-key 90610026

    Then test it. A good way is to send a short email, mutt is a good mail
    client to do this with.


g 3) Do I need to copy a key via a key server ?

     No, you can copy it directly as follows:

     1) On the machine (rem) where you have generated a key:
	gpg --list-keys
	gpg --export BAB620E7 --armour > rem.key

     2) Copy rem.key to the machine that will be receiving mail:
	scp rem.key other.machine:

     3) On other.machine import the key:
	gpg --import rem.key
	gpg --sign-key BAB620E7
	gpg --edit-key BAB620E7
	Command> trust
		---- You can enter a high level of trust since you know that it
		---- is trusted: you just copied it by hand.

     In the above you will be prompted, answer the obvious questions. When signing
     the key in step (3) you will be asked for your pass phrase.

g 4) I see error messages like:

	gpg: key A50C3FC3 was created 3462 seconds in the future (time warp or clock problem)

     Either wait long enough so that the key was no longer created in the future, or
     use the --ignore-time-conflict option, eg:

	gpg --ignore-time-conflict --import /tmp/MyRemoteKey
