Mailcrypt knows how to fetch PGP public keys from the key servers (see Key Servers). The function mc-pgp-fetch-key is bound by default to C-c / k in both mc-read-mode and mc-write-mode. Additionally, mc-encrypt, mc-decrypt, and mc-verify will offer to call this function to automatically fetch a desired key. If you call it manually, it will prompt you for the User ID of the key to fetch.
The variable mc-pgp-fetch-methods is a list of ways to attempt to fetch a key. (More precisely, it is a list of functions to be called, each of which will attempt to fetch the key.) The methods will be tried in the order listed. The default list is:
'(mc-pgp-fetch-from-keyrings mc-pgp-fetch-from-finger mc-pgp-fetch-from-http)
For a description of these functions, see the following sections.
If you are not directly on the Internet, you probably want to obtain a copy of the global public key ring from the keyservers, install it somewhere under the name `public-keys.pgp', and do:
(setq mc-pgp-fetch-methods '(mc-pgp-fetch-from-keyrings))
(setq mc-pgp-fetch-keyring-list '("/blah/blah/blah/public-keys.pgp"))
This will allow you to fetch keys from your local copy of the global key ring instead of sending requests to the key servers directly (see Keyring Fetch). Alternately, if your organization has a proxy HTTP server, you can configure Mailcrypt to use that. See HTTP Fetch.
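
A sanity check for the settings described above, as an added example that is not part of Mailcrypt or its manual. The my-mc-* names are hypothetical and the path in the sample call is a constructed placeholder; the check only inspects the two lists and does not call any Mailcrypt function.

```elisp
;; Added example, not Mailcrypt code.  The my-mc-* names are hypothetical;
;; the mc-* symbols are the ones documented above.
(defvar my-mc-network-fetch-methods
  '(mc-pgp-fetch-from-finger mc-pgp-fetch-from-http)
  "Methods from the default list that send a request to a remote host.")

(defun my-mc-check-fetch-config (methods keyrings &optional offline)
  "Return a list of problems with key-fetch settings METHODS and KEYRINGS.
METHODS has the form of `mc-pgp-fetch-methods', KEYRINGS the form of
`mc-pgp-fetch-keyring-list'.  With OFFLINE non-nil, also report methods
that use the network.  An empty list means nothing was found."
  (let ((problems '()))
    (unless methods
      (push "method list is empty: no key can be fetched" problems))
    (dolist (m methods)
      ;; Every entry is called as a function, so it must be callable.
      (unless (functionp m)
        (push (format "%S is not a defined function" m) problems))
      (when (and offline (memq m my-mc-network-fetch-methods))
        (push (format "%S contacts the network" m) problems)))
    (when (memq 'mc-pgp-fetch-from-keyrings methods)
      (unless keyrings
        (push "keyring method is listed but the keyring list is empty"
              problems))
      (dolist (file keyrings)
        ;; A path that cannot be read gives the keyring method
        ;; nothing to search.
        (unless (file-readable-p (expand-file-name file))
          (push (format "keyring %s is missing or unreadable" file)
                problems))))
    (nreverse problems)))

;; Constructed sample: an offline setup that still lists the HTTP method
;; and points at a placeholder path that does not exist.
(my-mc-check-fetch-config
 '(mc-pgp-fetch-from-keyrings mc-pgp-fetch-from-http)
 '("/nonexistent/public-keys.pgp")
 t)
```

With Mailcrypt loaded, pass the live values instead: (my-mc-check-fetch-config mc-pgp-fetch-methods mc-pgp-fetch-keyring-list t).
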
If the key is found, you will be shown the result of running PGP on it locally. This allows you to inspect the signatures on the key relative to your own keyring before you consent to having it added. Inspect the signatures carefully! Key distribution is often the Achilles' heel of public key protocols. If you blindly use keys obtained from the key servers, you are asking for trouble.
All of the methods use mc-pgp-fetch-timeout as a timeout in seconds; the default value is 30.