GPG 1.4.1 and RIPEMD160 problem

Atom Smasher atom at smasher.org
Thu Mar 24 05:20:34 CET 2005


On Wed, 23 Mar 2005, David Shaw wrote:

> There are two ways this could happen - one, a clearsigned message that 
> has a "Hash:" header that doesn't match the actual hash used in the 
> signature, and two, a onepass signed message that claims to be one hash, 
> but is actually another.
=================

use "pgpdump" or "gpg --list-packets" to see what hash the signature 
~really~ uses.


-- 
         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	When cryptography is outlawed,
 	b25seSBvdXRsYXdzIHdpbGwgdXNlIGNyeXB0b2dyYXBoeS4K





More information about the Gnupg-devel mailing list