email-extract-openpgp-certs - extract OpenPGP certificates from an e-mail
Contents
Description
email-extract-openpgp-certs extracts all the things it can find that look like they might be OpenPGP
certificates in an e-mail, and produces them on standard output.
It currently knows about how to find OpenPGP certificates as attachments of MIME type
application/pgp-keys, and Autocrypt: style headers.
Example
$ notmuch show --format-raw id:b7e48905-842f@example.net >test.eml
$ email-extract-openpgp-certs <test.eml | gpg --import
Limitations
email-extract-openpgp-certs currently does not try to decrypt encrypted e-mails, so it cannot find
certificates that are inside the message's cryptographic envelope.
email-extract-openpgp-certs does not attempt to validate the certificates it finds in any way. It does
not ensure that they are valid OpenPGP certificates, or even that they are of a sane size. It does not
try to establish any relationship between the extracted certificates and the messages in which they are
sent. For example, it does not check the Autocrypt addr= attribute against the message's From: header.
Importing certificates extracted from an arbitrary e-mail in this way into a curated keyring is not a
good idea. Better to extract into an ephemeral location, inspect, filter, and then selectively import.
Name
email-extract-openpgp-certs - extract OpenPGP certificates from an e-mail
Options
None.
See Also
gpg(1), https://autocrypt.org, https://tools.ietf.org/html/rfc4880, https://tools.ietf.org/html/rfc3156
Synopsis
email-extract-openpgp-certs <message.eml | gpg--import
