Some notes on Mutt's PGP integration 1997-12-04, tlr Last updated: 1998-01-06, tlr While encryption, verification and signing of messages are done by an externally invoked PGP binary, the key selection process is handled by mutt itself. The public key ring (2.6 or 5.0 format) is parsed; PGP's cached trust parameters are evaluated and used to select the proper numerical key IDs for a message's recipients. These key IDs are then passed to the external PGP binary on the command line. If PGP 5.0 is present, it should be detected by configure and used by mutt to do the encryption, signature verification etc. "Why doesn't this work with PGP 5.0i-b8?" Because pgp-5.0i-b8 is not usable for our purpose: · pgp-5.0i-b8 doesn't support passing the pass phrase through a previously-openend file descriptor (aka PGPPASSFD). This non-existing feature is required by mutt. · pgp-5.0i-b8 doesn't support redirecting specific parts of it's output to certain file descriptors (aka --OutputInformationFD). Someone suggested to use Expect to get some reasonable behaviour out of 5.0i-b8. If you are interested, write a PGP-2.6-like interface wrapper for 5.0i-b8. This would be quite nice and _very_ helpful to many people around here. As an alternative, someone could start to publish patches based on 5.0i-b8 which could be applied locally - as far as I understand the license terms, this should be legally possible. "Why don't you use the SDK? It's available on the net!" Because there isn't any source code for it and and the binaries have most probably been illegally exported. Additionally, it seems to be Linux and Solaris only. If you really want to play around with it, use it to build a pgp 5.0 application with PGP 2.6's command line interface. The same could be done based on PGP-5.0i-b8's librarys; this would most probably be legally usable outside the United States. Anyway, I can't recommend using any of the 5.0 versions of PGP. Get the latest PGP-2.6.3in from ftp://ftp.iks-jena/pub/mitarb/lutz/crypto/software/pgp/ and use it with mutt - it's working really fine. Or, fetch draft-ietf-openpgp-formats-00.txt from rs.internic.net and start working with the OpenPGP IETF working group (or on an independent and non-US implementation). While PGP, Inc.'s implementation has quite a few problems, the technology as documented in the OpenPGP draft is fine and superior to traditional PGP for various reasons. If you encounter any bugs with mutt's PGP integration, please drop me a short note about what happens, how to reproduce it without illegally exporting PGP 5* from the U.S. and how to fix the problem. I'll happily integrate any fixes with mutt's PGP support. Anyway, don't expect me to do any serious work on the PGP _5_ integration before a reasonable implementation of the OpenPGP standard is available outside of the United States.