Problems verifying signature with autoimported keys

David Shaw dshaw at jabberwocky.com
Tue Feb 4 21:51:02 CET 2003


On Tue, Feb 04, 2003 at 09:23:21PM +0100, Holger Sesterhenn wrote:
> Hi folks,
> 
> I am playing around with keyservers and the 'auto-key-retrieve' option and
> have some problems to understand why a signature should be bad:

> gpg: Signature made Tue Feb  4 19:08:18 2003 CET using DSA key ID 8C574710
> [GNUPG:] SIG_ID skATzmEpRldO4qfomtEO27ZoSTg 2003-02-04 1044382098
> [GNUPG:] GOODSIG 2222222222222000 userB <userB at internet>
> gpg: Good signature from "userB <userB at internet>"
> gpg:                 aka "alias userB <userB at somewhere>"
> [GNUPG:] VALIDSIG 2222222222222222222000000 2003-02-04 1044382098 0
> [GNUPG:] TRUST_FULLY
> [GNUPG:] DECRYPTION_OKAY
> gpg: WARNING: message was not integrity protected

This is a good signature.  Is the message that is concerning you the
"message was not integrity protected" warning?  That is not part of
the signature.

David

-- 
   David Shaw  |  dshaw at jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson




More information about the Gnupg-devel mailing list