Andreas Wagner's mutt config [/home/wagner/.mutt/gpgrc]

# -*- ~/.mutt/gpgrc -*-
#
# Command formats for gpg.
# 
# This version uses gpg-2comp from 
#   http://muppet.faveve.uni-stuttgart.de/~gero/gpg-2comp/
#
# $ Id: gpg.rc,v 1.8 2002/02/18 17:21:18 roland Exp roland $
#
# %p    The empty string when no passphrase is needed,
#       the string "PGPPASSFD=0" if one is needed.
#
#       This is mostly used in conditional % sequences.
#
# %f    Most PGP commands operate on a single file or a file
#       containing a message.  %f expands to this file's name.
#
# %s    When verifying signatures, there is another temporary file
#       containing the detached signature.  %s expands to this
#       file's name.
#
# %a    In "signing" contexts, this expands to the value of the
#       configuration variable $pgp_sign_as.  You probably need to
#       use this within a conditional % sequence.
#
# %r    In many contexts, mutt passes key IDs to pgp.  %r expands to
#       a list of key IDs.

# %n = number	%k = key id	%K = key id of the principal key
# %u = user id	%a = algorithm	%A = algorithm of the princ. key
# %l = length	%L = length of the princ. key
# %f = flags	%F = flags of the princ. key
# %c = capabilities		%C = capabilities of the princ. key
# %t = trust/validity of the key-uid association

# Note that we explicitly set the comment armor header since GnuPG, when used
# in some localiaztion environments, generates 8bit data in that header, thereby
# breaking PGP/MIME.

###----------------------------------------------------------------------------
### pgp setup (from mutt dist examples)
###----------------------------------------------------------------------------

set 	pgp_create_traditional=no	# Use old-style PGP? (don't do it!)
set 	pgp_entry_format= \
	"%4n %t%f %[%y/%m/%d] %4l/0x%k %-4a %2c %u"
# 	"%4n %t%f %4l/0x%k %-4a %2c %u"
set 	pgp_good_sign= \
 	"`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`"	# string that the verify command outputs if the signature is good
# 	"Good signature"		# English version
# 	"Korrekte Unterschrift"		# German version (LANG=de)
# 	""				# not needed, if exit code ok.
set 	pgp_ignore_subkeys		# On OpenPGP keys only show the main key, not the sub.
unset 	pgp_long_ids			# display 64bit PGP key-ids (don't change this!)
set 	pgp_replyencrypt		# autocrypt replies to crypted
set 	pgp_replysign			# autosign replies to signed
set 	pgp_replysignencrypted		# autosign replies to sig/crypt
set 	pgp_retainable_sigs		# nested mime fmt sigs
set 	pgp_strict_enc			# allway use QP enc. with PGP.
set 	pgp_timeout=60			# forget PGP passphrase after 60 seconds
set 	pgp_show_unusable		# show unusable PGP keys in menu
set 	pgp_sort_keys=address		# Sorting of PGP keys (address, keyid, date, trust) and reverse-*
set 	pgp_verify_sig=ask-yes		# ask me whether I want to check a pgp signature


# use my RSA key as default:
# set 	pgp_sign_as="0x1AD97BA5"	# UserID/KeyID for signing

# use my DSA key as default:
set 	pgp_sign_as="0x869F81BA"	# UserID/KeyID for signing


### ---------------------------------------------------------------------------
###  commands

# decode application/pgp
set	pgp_decode_command=\
	"mutt.sigtrace.pl 869F81BA gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
#	"gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
# 	"gpg %?p?--passphrase-fd 0? --no-verbose --batch --quiet --output - %f"
# 	"gpg %?p?--passphrase-fd 0? --batch --output - %f"

# verify a pgp/mime signature
set	pgp_verify_command=\
	"mutt.sigtrace.pl 869F81BA gpg --no-verbose --batch --output - --verify %s %f"
#	"gpg --no-verbose --batch --output - --verify %s %f"
# 	"gpg --no-verbose --quiet --batch --output - --verify %s %f"
# 	"gpg --quiet --batch --output - --verify %s %f"

# decrypt a pgp/mime attachment
set	pgp_decrypt_command=\
	"gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
# 	"gpg --passphrase-fd 0 --no-verbose --quiet --batch --output - %f"

# create a pgp/mime signed attachment
set	pgp_sign_command=\
	"gpg --no-verbose --batch --output - --passphrase-fd 0 \
	--armor --detach-sign --textmode %?a?-u %a? %f"
# 	"gpg-2comp --comment '' --no-verbose --batch  --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
# 	"gpg-2comp --no-verbose --batch --quiet --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"

# create a application/pgp signed (old-style) message
set	pgp_clearsign_command=\
	"gpg --no-verbose --batch --output - --passphrase-fd 0 \
	--armor --textmode --clearsign %?a?-u %a? %f"
# 	"gpg-2comp --comment ''  --no-verbose --batch  --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
# 	"gpg-2comp --no-verbose --batch --quiet --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"

# create a pgp/mime encrypted attachment
set	pgp_encrypt_only_command=\
	"pgpewrap gpg -v --batch --output - --encrypt --textmode \
	--armor --always-trust -- -r %r -- %f"
# 	"pgpewrap gpg-2comp -v --batch --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
# 	"pgpewrap gpg-2comp -v --batch --quiet --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"

# create a pgp/mime encrypted and signed attachment
set	pgp_encrypt_sign_command=\
	"pgpewrap gpg --passphrase-fd 0 -v --batch --output - --encrypt \
	--sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
# 	"pgpewrap gpg-2comp  --passphrase-fd 0 -v --batch  --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
# 	"pgpewrap gpg-2comp --passphrase-fd 0 -v --batch --output --quiet - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"

# import a key into the public key ring
set	pgp_import_command="gpg --no-verbose --import -v %f"

# export a key from the public key ring
set	pgp_export_command="gpg --no-verbose --export --armor %r"

# verify a key
set	pgp_verify_key_command=\
	"gpg --no-verbose --batch --fingerprint --check-sigs %r"

# read in the public key ring
set	pgp_list_pubring_command=\
	"gpg --no-verbose --batch --with-colons --list-keys %r"
# 	"gpg --no-verbose --quiet --batch --with-colons --list-keys %r"

# read in the secret key ring
set	pgp_list_secring_command=\
	"gpg --no-verbose --batch --with-colons --list-secret-keys %r"
# 	"gpg --no-verbose --quiet --batch --with-colons --list-secret-keys %r"

# receive key from keyserver:
# set	pgp_getkeys_command=""
# set	pgp_getkeys_command="wrap.sh -g %r"
# set 	pgp_getkeys_command="gpg-compat --keyserver http://pgp.zdv.uni-mainz.de/keyserver/ --recv-keys %r"
set 	pgp_getkeys_command="gpg --recv-keys %r"