I got a request to make incoming public PGP keys trusted.
The idea is to make a register mail address where a person can send his pub key and we remove it from the mail and add it to the gateway. That's fine and working.
Now the tricky part:
We want the user to verify the key via a second way with the key ID. The second way wrote the pub key ID in a database and from their the verify process should start and check if the key with that ID exists and if so it should be trusted.
Now two questions:
1. How can we set the key trusted via cli or something like that?
2. Is it possible to add a header or subject extension after a lookup in the database to get a value from their which should be added to subject or as header?

Robert Wiegand