I recently added trust-model tofu+pgp in my .gnupg/gpg.conf to use TOFU and automatically trust (marginally) keys from e-mails I see for the first time. It has the bad consequence of making PGP's output horribly verbose:
gpg: Verified 1 message signed by "Foo <[email protected]>" (key: F00 BA8 …, policy: auto) in the past 32 minutes, 19 seconds.
gpg: Warning: we've only seen a single message signed by this key!
gpg: Warning: if you think you've seen more than 1 message signed by this key, then this key might be a forgery! Carefully examine the email address for small variations (e.g., additional white space). If the key is suspect, then use 'gpg --tofu-policy bad "name_of_key"' to mark it as being bad.
PGP's output appear before the body of the message, and worse, this blob of text appears once for each e-mail address associated to the key. On my small screen, I have to scroll a lot before reading the actual e-mail. I'm looking for ways to fix that:
- is there an option in mutt that allows to display only a summary of PGP's output (95% of the time, all I care about is "did the verification work, and what's the level of trust associated to key")?
- if not, is there an option to display PGP's output after the body of the message instead of before?
- otherwise, is there a way to make GnuPG's output less verbose?
Thanks in advance! I use GnuPG 2.1.11 with mutt 1.5.24 on Debian Sid (4.3.3-5; kernel 4.3.0-1-amd64).
