1.0.3 fails to verify RSA signature, 1.0.2 is OK
Keith Owens
kaos@ocs.com.au
Sat, 30 Sep 2000 23:13:09 +1100
ftp://ftp.wu-ftpd.org/pub/wu-ftpd/
wu-ftpd-2.6.1.tar.gz. . . . . . [Jul 1 19:13] 334K
wu-ftpd-2.6.1.tar.gz.asc. . . . [Jul 1 19:13] 1K
The signature verifies using gnupg 1.0.2 and load-extension rsaref.
It does not verify using stock gnupg 1.0.3, with or without rsaref.
--emulate-md-encode-bug makes no difference.
1.0.2 + load-extension rsaref
# ./gpg wu-ftpd-2.6.1.tar.gz.asc
gpg: Warning: using insecure memory!
Detached signature.
Please enter name of data file: wu-ftpd-2.6.1.tar.gz
gpg: Signature made Sun Jul 2 15:18:43 2000 EST using RSAREF key ID 62885875
gpg: Good signature from "WU-FTPD Development Group <wuftpd-members@wu-ftpd.org>"
Could not find a valid trust path to the key. Let's see whether we
can assign some missing owner trust values.
No path leading to one of our keys found.
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
gpg: Fingerprint: B1 9B 35 09 FE 34 98 25 8C CD B8 4F 90 DB 42 82
1.0.3, with or without load-extension rsaref, using the same files and
keyring as 1.0.2.
# gpg wu-ftpd-2.6.1.tar.gz.asc
Detached signature.
Please enter name of data file: wu-ftpd-2.6.1.tar.gz
gpg: Signature made Sun Jul 2 15:18:43 2000 EST using RSA key ID 62885875
gpg: BAD signature from "WU-FTPD Development Group <wuftpd-members@wu-ftpd.org>"
Fingerprint, either version.
# gpg --fingerprint wuftpd
pub 1024R/62885875 1999-05-22 WU-FTPD Development Group <wuftpd-members@wu-ftpd.org>
Key fingerprint = B1 9B 35 09 FE 34 98 25 8C CD B8 4F 90 DB 42 82
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org