How to verify that a signature is from a specific sender

Robert Dahlem Robert Dahlem" <
Tue Dec 18 12:17:01 2001


On Tue, 18 Dec 2001 09:17:10 +0100, Werner Koch wrote:

>> How do I verify (or decrypt and verify) something so that I can be 
>> sure the mail or file was signed exactly by sender X@Y.Z and noone
>> else?

>Because this is a common task, I wrote gpgv which is the signature
>verification code of gpg without all the key validation stuff.  You
>just pass a custom keyring with the valid signers to gpgv and use it
>like gpg. If you have installed gpg try "man gpgv".

This still fails on files whiche are signed _and_ encrypted, probably 
because it cannot decrypt the files without access to ~/.gnupg/secring.gpg

>The other way is to grep for the status line.  I like to do this using

That's what I'll do after messing around with this stuff for quite a while 
now. :-)

Thank you anyway.


Siemens Business Services - FS GF KORDOBA-Outsourcing
Tel: +49-69-797-6530  Fax: +49-69-797-6599
Sent using PMMail ( - fast, decent, email
software; far better than Outlook. Try it sometime.