From 5929eabef63e0167ead14a81f30097c9397f7ee4 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 25 Jul 2019 12:38:52 -0400 Subject: Add email-extract-openpgp-certs Hopefully this tool is useful for other people, not just for myself and Anarcat. Signed-off-by: Daniel Kahn Gillmor --- email-extract-openpgp-certs.1.pod | 57 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 email-extract-openpgp-certs.1.pod (limited to 'email-extract-openpgp-certs.1.pod') diff --git a/email-extract-openpgp-certs.1.pod b/email-extract-openpgp-certs.1.pod new file mode 100644 index 0000000..8b7916e --- /dev/null +++ b/email-extract-openpgp-certs.1.pod @@ -0,0 +1,57 @@ +=head1 NAME + +email-extract-openpgp-certs - extract OpenPGP certificates from an e-mail + +=head1 SYNOPSIS + +B < B | B B<--import> + +=head1 DESCRIPTION + +B extracts all the things it can find +that look like they might be OpenPGP certificates in an e-mail, and +produces them on standard output. + +It currently knows about how to find OpenPGP certificates as +attachments of MIME type application/pgp-keys, and Autocrypt: style +headers. + +=head1 OPTIONS + +None. + +=head1 EXAMPLE + +=over 4 + + $ notmuch show --format-raw id:b7e48905-842f@example.net > test.eml + $ email-extract-openpgp-certs < test.eml | gpg --import + +=back + +=head1 LIMITATIONS + +B currently does not try to decrypt +encrypted e-mails, so it cannot find certificates that are inside the +message's cryptographic envelope. + +B does not attempt to validate the +certificates it finds in any way. It does not ensure that they are +valid OpenPGP certificates, or even that they are of a sane size. It +doeds not try to establish any relationship between the extracted +certificates and the messages in which they are sent. For example, it +does not check the Autocrypt addr= attribute against the message's From: +header. + +Importing certificates extracted from an arbitrary e-mail in this way +into a curated keyring is not a good idea. Better to extract into an +ephemeral location, inspect, filter, and then selectively import. + +=head1 SEE ALSO + +gpg(1), https://autocrypt.org, https://tools.ietf.org/html/rfc4880, https://tools.ietf.org/html/rfc3156 + +=head1 AUTHOR + +B and this manpage were written by Daniel +Kahn Gillmor, with guidance and advice from many others. -- cgit v1.2.3