bad signatures
Ingo Klöcker
ingo.kloecker@epost.de
Fri Mar 29 20:29:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 26 March 2002 05:01, Lee Roberts wrote:
> Why does everyone say my GPG signature is bad while their PGP
> signature shows good? I did a decrypt/verify of one of my GPG
> messages with PGP and it gives a bad signature also. So far, I don't
> see anything wrong with my GPG configuration.
I found the problem. In full compliance with the OpenPGP specs GPG uses
v4 signatures by default. GPG has an option to force it to use v3
signatures. man gpg says:
--force-v3-sigs
OpenPGP states that an implementation should
generate v4 signatures but PGP 5.x recognizes v4
signatures only on key material. This option
forces v3 signatures for signatures on data.
Obviously PGP 6.5.8 also can't handle v4 signatures.
Solution:
Add 'force-v3-sigs' to your ~/.gnupg/options file.
Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8pL+QGnR+RTDgudgRAmEQAJ9srQpHdvR1/GvXkbioc/PcPowdfgCfdSeH
iiSAmwy3Simr+ZeRvIOt+94=
=ZLtP
-----END PGP SIGNATURE-----