[horde] Importing PGP keys

Arjen de Korte arjen+horde at de-korte.org
Thu Aug 27 13:40:06 UTC 2015

Citeren Stefan Suurmeijer <stefan at raptorweb.nl>:

> Hi Jan/List,
> a different question: the PGP encryption option in webmail is great, but
> is it strictly necessary to manually import a public key for every
> recipient you want to send to?

Yes. If you want/need to send encrypted messages, you must make  
absolutely sure that the public keys belongs to the person you want to  
send a message to (and not from someone who is impersonating this  
person and uploaded a rogue key to the public keyservers). Horde can't  
do that for you automatically, this needs to be done by other means  
(checking in person, web-of-trust, etc).

> If so, what is the keyserver option under horde -> gnupg for, if not for
> importing keys?

For verifying signatures. Even then, if a key was found on a public  
keyserver, Horde will show that the signature is valid, but still  
emits a warning that it is not trusted.

This message was sent from a mailinglist subscription address.
For off-list replies, you must remove the address extension.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: PGP digitale ondertekening
URL: <http://lists.horde.org/archives/horde/attachments/20150827/7679ba4c/attachment.bin>

More information about the horde mailing list