@set VERSION 1.0.0
@copying
-This file describes EasyPG Assistant.
+This file describes EasyPG Assistant @value{VERSION}.
-Copyright @copyright{} 2007, 2008, 2009 Free Software Foundation, Inc.
+Copyright @copyright{} 2007-2011 Free Software Foundation, Inc.
@quotation
Permission is granted to copy, distribute and/or modify this document
@end quotation
@end copying
-@dircategory Emacs
+@dircategory Emacs misc features
@direntry
-* EasyPG Assistant: (epa). An Emacs user interface to GNU Privacy Guard.
+* EasyPG Assistant: (epa). An Emacs user interface to GNU Privacy Guard.
@end direntry
-
@titlepage
@title EasyPG Assistant
@vskip 0pt plus 1filll
@insertcopying
@end titlepage
-@page
-@c @summarycontents
-@c @contents
+@contents
@node Top
@top EasyPG Assistant user's manual
GnuPG interface for Emacs. EasyPG also contains the library interface
called EasyPG Library.
-@noindent
-This manual covers EasyPG version @value{VERSION}.
+@ifnottex
+@insertcopying
+@end ifnottex
@menu
* Overview::
* Quick start::
-* Commands::
+* Commands::
+* Caching Passphrases::
+* Bug Reports::
@end menu
@node Overview
integrated into other Emacs functionalities. For example, automatic
encryption/decryption of @samp{*.gpg} files.
-To install these features, do @kbd{C-u 1 M-x epa-mode}. It can also
-be turned on by customize. Try @kbd{M-x customize-variable epa-mode}.
-
@node Commands
@chapter Commands
@example
u Daiki Ueno <ueno@@unixuser.org>
u A5B6B2D4B15813FE 1024bits DSA
- Created: 2001-10-09
- Expires: 2007-09-04
- Capabilities: sign certify
- Fingerprint: 8003 7CD0 0F1A 9400 03CA 50AA A5B6 B2D4 B158 13FE
+ Created: 2001-10-09
+ Expires: 2007-09-04
+ Capabilities: sign certify
+ Fingerprint: 8003 7CD0 0F1A 9400 03CA 50AA A5B6 B2D4 B158 13FE
u 4447461B2A9BEA2D 2048bits ELGAMAL_E
- Created: 2001-10-09
- Expires: 2007-09-04
- Capabilities: encrypt
- Fingerprint: 9003 D76B 73B7 4A8A E588 10AF 4447 461B 2A9B EA2D
+ Created: 2001-10-09
+ Expires: 2007-09-04
+ Capabilities: encrypt
+ Fingerprint: 9003 D76B 73B7 4A8A E588 10AF 4447 461B 2A9B EA2D
@end example
@noindent
@node Mail-mode integration
@section Mail-mode integration
-EasyPG Assistant provides a minor mode to help user compose inline PGP
-messages. Inline PGP is sending the OpenPGP blobs directly inside a
-mail message and it is not recommended and you should consider to use
+EasyPG Assistant provides a minor mode @code{epa-mail-mode} to help
+user compose inline OpenPGP messages. Inline OpenPGP is a traditional
+style of sending signed/encrypted emails by embedding raw OpenPGP
+blobs inside a message body, not using modern MIME format.
+
+NOTE: Inline OpenPGP is not recommended and you should consider to use
PGP/MIME. See
@uref{http://josefsson.org/inline-openpgp-considered-harmful.html,
-Inline PGP in E-mail is bad, Mm'kay?}.
+Inline OpenPGP in E-mail is bad@comma{} Mm'kay?}.
@noindent
-The following keys are assigned.
+Once @code{epa-mail-mode} is enabled, the following keys are assigned.
+You can do it by @kbd{C-u 1 M-x epa-mail-mode} or through the Customize
+interface. Try @kbd{M-x customize-variable epa-global-mail-mode}.
@table @kbd
-@item C-c C-e d
+@item C-c C-e C-d and C-c C-e d
+@kindex @kbd{C-c C-e C-d}
@kindex @kbd{C-c C-e d}
@findex epa-mail-decrypt
Decrypt OpenPGP armors in the current buffer.
-@item C-c C-e v
+@item C-c C-e C-v and C-c C-e v
+@kindex @kbd{C-c C-e C-v}
@kindex @kbd{C-c C-e v}
@findex epa-mail-verify
Verify OpenPGP cleartext signed messages in the current buffer.
-@item C-c C-e s
+@item C-c C-e C-s and C-c C-e s
+@kindex @kbd{C-c C-e C-s}
@kindex @kbd{C-c C-e s}
@findex epa-mail-sign
Compose a signed message from the current buffer.
-@item C-c C-e e
+@item C-c C-e C-e and C-c C-e e
+@kindex @kbd{C-c C-e C-e}
@kindex @kbd{C-c C-e e}
@findex epa-mail-encrypt
Compose an encrypted message from the current buffer.
+By default it tries to build the recipient list from @samp{to},
+@samp{cc}, and @samp{bcc} fields of the mail header. To include your
+key in the recipient list, use @samp{encrypt-to} option in
+@file{~/.gnupg/gpg.conf}.
@end table
@node Encrypting/decrypting *.gpg files
@section Encrypting/decrypting *.gpg files
-Once @code{epa-setup} is loaded, every file whose extension is
-@samp{.gpg} will be treated as encrypted. That is, when you attempt
-to open such a file which already exists, the decrypted text is
-inserted in the buffer rather than encrypted one. On the other hand,
-when you attempt to save the buffer to a file whose extension is
-@samp{.gpg}, encrypted data is written.
+By default, every file whose name ends with @samp{.gpg} will be
+treated as encrypted. That is, when you open such a file, the
+decrypted text is inserted in the buffer rather than encrypted one.
+Similarly, when you save the buffer to a @samp{foo.gpg} file,
+encrypted data is written.
-If you want to temporarily disable this behavior, use @kbd{M-x
-epa-file-disable}, and then to enable this behavior use @kbd{M-x
-epa-file-enable}.
+The file name pattern for encrypted files can be controlled by
+@var{epa-file-name-regexp}.
+
+@defvar epa-file-name-regexp
+Regexp which matches filenames treated as encrypted.
+@end defvar
+
+You can disable this behavior with @kbd{M-x epa-file-disable}, and
+then get it back with @kbd{M-x epa-file-enable}.
@deffn Command epa-file-disable
Disable automatic encryption/decryption of *.gpg files.
@end deffn
@noindent
-@code{epa-file} will let you select recipients. If you want to
-suppress this question, it might be a good idea to put the following
-line on the first line of the text being encrypted.
+By default, @code{epa-file} will try to use symmetric encryption, aka
+password-based encryption. If you want to use public key encryption
+instead, do @kbd{M-x epa-file-select-keys}, which will pops up the key
+selection dialog.
+
+@deffn Command epa-file-select-keys
+Select recipient keys to encrypt the currently visiting file with
+public key encryption.
+@end deffn
+
+You can also change the default behavior with the variable
+@var{epa-file-select-keys}.
+
+@defvar epa-file-select-keys
+Control whether or not to pop up the key selection dialog.
+@end defvar
+
+For frequently visited files, it might be a good idea to tell Emacs
+which encryption method should be used through @xref{File Variables, ,
+, emacs, the Emacs Manual}. Use the @code{epa-file-encrypt-to} local
+variable for this.
@vindex epa-file-encrypt-to
+For example, if you want an Elisp file should be encrypted with a
+public key associated with an email address @samp{ueno@@unixuser.org},
+add the following line to the beginning of the file.
+
@cartouche
@lisp
;; -*- epa-file-encrypt-to: ("ueno@@unixuser.org") -*-
@end lisp
@end cartouche
-The file name extension of encrypted files can be controlled by
-@var{epa-file-name-regexp}.
+Instead, if you want the file always (regardless of the value of the
+@code{epa-file-select-keys} variable) encrypted with symmetric
+encryption, change the line as follows.
-@defvar epa-file-name-regexp
-Regexp which matches filenames treated as encrypted.
-@end defvar
+@cartouche
+@lisp
+;; -*- epa-file-encrypt-to: nil -*-
+@end lisp
+@end cartouche
Other variables which control the automatic encryption/decryption
behavior are below.
The default value is @code{t}.
@end defvar
+@node Caching Passphrases
+@chapter Caching Passphrases
+
+Typing passphrases is an irritating task if you frequently open and
+close the same file. GnuPG and EasyPG Assistant provide mechanisms to
+remember your passphrases. However, the configuration is a bit
+confusing since it depends on your GnuPG installation (GnuPG version 1 or
+GnuPG version 2), encryption method (symmetric or public key), and whether or
+not you want to use gpg-agent. Here are some questions:
+
+@enumerate
+@item Do you use GnuPG version 2 instead of GnuPG version 1?
+@item Do you use symmetric encryption rather than public key encryption?
+@item Do you want to use gpg-agent?
+@end enumerate
+
+Here are configurations depending on your answers:
+
+@multitable {111} {222} {333} {configuration configuration configuration}
+@item @b{1} @tab @b{2} @tab @b{3} @tab Configuration
+@item Yes @tab Yes @tab Yes @tab Set up gpg-agent.
+@item Yes @tab Yes @tab No @tab You can't, without gpg-agent.
+@item Yes @tab No @tab Yes @tab Set up gpg-agent.
+@item Yes @tab No @tab No @tab You can't, without gpg-agent.
+@item No @tab Yes @tab Yes @tab Set up elisp passphrase cache.
+@item No @tab Yes @tab No @tab Set up elisp passphrase cache.
+@item No @tab No @tab Yes @tab Set up gpg-agent.
+@item No @tab No @tab No @tab You can't, without gpg-agent.
+@end multitable
+
+To set up gpg-agent, follow the instruction in GnuPG manual.
+@pxref{Invoking GPG-AGENT, , Invoking GPG-AGENT, gnupg}.
+
+To set up elisp passphrase cache, set
+@code{epa-file-cache-passphrase-for-symmetric-encryption}.
+@xref{Encrypting/decrypting *.gpg files}.
+
+@node Bug Reports
+@chapter Bug Reports
+
+Bugs and problems with EasyPG Assistant are actively worked on by the
+Emacs development team. Feature requests and suggestions are also
+more than welcome. Use @kbd{M-x report-emacs-bug}, @pxref{Bugs, ,
+Bugs, emacs, Reporting Bugs}.
+
+When submitting a bug report, please try to describe in excruciating
+detail the steps required to reproduce the problem. Also try to
+collect necessary information to fix the bug, such as:
+
+@itemize @bullet
+@item the GnuPG version. Send the output of @samp{gpg --version}.
+@item the GnuPG configuration. Send the contents of @file{~/.gnupg/gpg.conf}.
+@end itemize
+
+Before reporting the bug, you should set @code{epg-debug} in the
+@file{~/.emacs} file and repeat the bug. Then, include the contents
+of the @samp{ *epg-debug*} buffer. Note that the first letter of the
+buffer name is a whitespace.
+
@bye
@c End:
-
-@ignore
- arch-tag: 7404e246-7d4c-4db4-9332-c1293a455a4f
-@end ignore