verifying whithout key

Anthony E . Greene
Tue Jun 5 03:34:01 2001

On Mon, 04 Jun 2001 18:24:41 Jan Schneider wrote:

>is there any way to verify signed messages without having the owners key?
>pgp complains but does the verifying, gpg doesn't at all.
If PGP/GPG does not have the key, it cannot verify the signature. Verification requires PGP/GPG to decrypt the signature using the signers public key. The decrypted data should be a hash of the message data. PGP/GPG compares this decrypted hash with a hash it generates itself. If they match, the signature is verified. But it needs the signer's public key to decrypt the signature data to recover the original hash. Tony --=20 Anthony E. Greene <> <> PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D Chat: AOL/Yahoo: TonyG05 MSN: te_greene Linux. The choice of a GNU Generation. <>