TOFU
Neal H. Walfield
neal at walfield.org
Sun Jun 25 20:09:13 CEST 2017
At Fri, 23 Jun 2017 02:07:19 +0100,
MFPA wrote:
> On Wednesday 21 June 2017 at 7:49:42 PM, in
> <mid:ffb9b23c-b01b-44d0-3a75-6e5e474de196 at digitalbrains.com>, Peter
> Lebbing wrote:-
>
> > I think it's a bad UX choice to
> > name an invalid
> > signature "UNTRUSTED Good" and a valid signature
> > "Good". I think it
> > suggests they both have some credibility, which is a
> > false suggestion.
>
> I thought "good signature" just meant the message has not been
> altered in transit.
Nope. A MitM could have intercepted the message and replaced the body
with some other signed text (text that it possibly signed with a
"fake" key).
HTH,
:) Neal
More information about the Gnupg-users
mailing list