How to verify that a signature is from a specific sender
Robert Dahlem
Robert Dahlem" <Robert.Dahlem@siemens.com
Tue Dec 18 12:17:01 2001
Werner,
On Tue, 18 Dec 2001 09:17:10 +0100, Werner Koch wrote:
>> How do I verify (or decrypt and verify) something so that I can be
>> sure the mail or file was signed exactly by sender X@Y.Z and noone
>> else?
>Because this is a common task, I wrote gpgv which is the signature
>verification code of gpg without all the key validation stuff. You
>just pass a custom keyring with the valid signers to gpgv and use it
>like gpg. If you have installed gpg try "man gpgv".
This still fails on files whiche are signed _and_ encrypted, probably
because it cannot decrypt the files without access to ~/.gnupg/secring.gpg
>The other way is to grep for the status line. I like to do this using
>awk.
That's what I'll do after messing around with this stuff for quite a while
now. :-)
Thank you anyway.
Regards,
Robert
--
Robert.Dahlem@siemens.com
Siemens Business Services - FS GF KORDOBA-Outsourcing
Tel: +49-69-797-6530 Fax: +49-69-797-6599
----------------------------------------------------------------------
Sent using PMMail (http://www.pmmail2000.com) - fast, decent, email
software; far better than Outlook. Try it sometime.