Yum problems

[Joe(theWordy)Philbrook]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It would appear that on Sep 10, Michael Schwendt did say:

> You would need to simulate what PGP MIME does with detached signatures
> in order to be able to verify a message body manually. Converting
> content encoding and stripping newlines at the right places may be
> necessary. FWIW, Sylpheed verifies Alexander's signatures as "Good", so
> its PGP MIME implementation seems to agree with Ximian Evolution's.

OK, so basically for _normal_ users, when mail clients deploy gpg as a
detached sig, the only reasonable way to verify or if needed, decrypt
the message would be to choose a similar mailclient... That's so much like
M$'s way of thinking that I wouldn't choose to use that method even if I
"liked" any of the gui mail clients... Especially when/if a user of such
a mail client wants to verify, or decrypt some ascii armored message
body from me, all they should need to do is to save the message as a
temporary text file, and run a command line utility on it, while if they
choose to use an integrated gpg/mail client that _can_ handle ascii
armored text they can still do it on the fly.

<rant>
No _if_ I used Slypheed or Ximian Evolution, I'd still do my gpg tasks as
ascii armored text documents which I could then either embed in the
message body with my editing tool (if practical) or at least be able to
include it as an text attachment, allowing for manual
verification/decryption by anyone who wants to bother. Or maybe I'd
create an ascii armored text document, attach it to the e-mail, and then
use the integrated gpg function to sign the email itself. Thus users of
such integrated gpg/mail clients could verify that the mail message
including the ascii attachment was what it was supposed to be. And then
those who don't use such mail clients could then simply save the ascii
armored attachment to disk (or possibly pipe it directly to gpg?) where
the command line gpg utility would be able to verify or decrypt the
ascii armored document it self...
</rant>

Actually I do my gpg signing from vim. 

I mapped some command mode keys to 

	A) feed the current file to aspell as a reusable temp file.

:map s :w^M:w! $spellfile^M:!aspell -c $spellfile^M
	
	B) retrieve the spell checked version of the file (replacing the
	   current contents).
	
:map S :w^MG:r $spellfile^Mkd1G
	
	C) append an instruction on where to find my public key to the last
	   spellchecked output file, feed it to gpg for signing
	   using a couple more reusable temp files.
	
:map <C-s>  :!cat $spellfile $sig/gpglink >${spellfile}._-_^M:!rm ${spellfile}.asc^M:!gpg --output ${spellfile}.asc --clearsign ${spellfile}._-_
	
	D) retrieve the gpg signed version of the file (replacing the
	   current contents).
	
:map <C-g> :w^MG:r ${spellfile}.asc^Mkd1G

	
(Where the "^M" characters were really embedded linefeeds inserted into
the ~/.vimrc via vim's ^V function of course)

This coupled with vim's undo function makes this a very versatile method
of painlessly remembering to spellcheck BEFORE signing a text document.
Then as long as my mail client will let me use vim for a composer, I'm
happy...

I know "Professional" coders dislike temporary files, but for me this is
a good solution. And after all, These few temp files ARE automatically
recycled every time.

Works for me!

- -- 
|				      ---   ---
|     Joe (theWordy) Philbrook	      <o>   <o>
|	   J(tWdy)P			  ^
|	<<jtwdyp at ttlc.net>>		/---\	"bla bla bla..."
|					\___/	"...and bla..."

   At least I know my mouth is running, I just can't find the off button!

   ##############################################################
   # You can find my public gpg key at http://pgpkeys.mit.edu/  #
   ##############################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBQid8RZ/61mwhY94RAkEJAKCNAuzCN1lvORjGPlQW0e1p6wLJ4QCePPdZ
EGZXaee92NldIkUQE9dWpKw=
=HnAX
-----END PGP SIGNATURE-----