bad signatures

Marc Mutz mutz@kde.org
Tue Mar 26 09:17:01 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 26 March 2002 06:35, Nick Andriash wrote:
> On Monday, March 25 2002 at 08:01 PM PDT, you wrote:
> > Why does everyone say my GPG signature is bad while their PGP signatu=
re
> > shows good? I did a decrypt/verify of one of my GPG messages with PGP
> > and it gives a bad signature also. So far, I don't see anything wrong
> > with my GPG configuration.

Upload your key to a keyserver (e.g. pgp.dtype.org), so we can check what=
's=20
going on.

> Poor wrapping by the Mail Client, i.e. wrapping of text after the messa=
ge
> has been signed is one of the most probable causes,

No. KMail doesn't do that ;-)

> unless you use a
> WYSIWYG Editor. Also, I see this in your headers:
>
> Content-Transfer-Encoding: 8bit
>
> I'm not sure if I'm using the correct vernacular, but some Servers will=
 be
> cause for concern if they convert the text to 7 bit. I could not check
> your signature because I could not find your Key on any of the Servers.

If the server converts 8but labelled content to 7bit, he will only do so =
if=20
the content is 7bit text only. Since 8bit and 7bit are both incarnations =
of=20
the identiy transformation, the conversion would not invalidate the sig.

Most likely Lee is missing something obvious, like confusing invalid=20
signatures with untrusted keys. Am I right here?

Marc

- --=20
Marc Mutz <mutz@kde.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8oC3V3oWD+L2/6DgRArx5AKCiWCpW3OacwHtkIpyiOErhsCOZPACgmPP4
c0KSIf05xiFb0E4ae9oqkvM=3D
=3D0e64
-----END PGP SIGNATURE-----