Can't check pgp-6.5.8 signatura

Andreas Hasenack andreas@conectiva.com.br
Tue Oct 16 22:42:01 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm unable to check this signature against this file (both URLs
below). Before making a big noise about this I just wanted to
check with other gnupg users if this isn't just an interoperability
problem with gnupg and pgp (the signature was made with pgp-6.5.8):

http://web.mit.edu/Kerberos/www/advisories/telnetd_122_patch.txt
http://web.mit.edu/Kerberos/www/advisories/telnetd_122_patch.txt.asc


$ gpg -v --verify telnetd_122_patch.txt{.asc,}
gpg: Warning: using insecure memory!
gpg: armor header: Version: PGP 6.5.8
gpg: Signature made Mon Jul 30 22:56:15 2001 BRT using RSA key ID F376813D
gpg: BAD signature from "Tom Yu <tlyu@MIT.EDU>"

I downloaded the key from here:
http://www.crypto-publish.org/mit-kerberos5/index.html
(http://www.crypto-publish.org/dist/mit-kerberos5/0xF376813D.asc)

Gnupg version I'm using:
gpg (GnuPG) 1.0.6
Copyright (C) 2001 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: ~/.gnupg
Algoritmos suportados:
Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Hash: MD5, SHA1, RIPEMD160

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjvMmx4ACgkQeEJZs/PdwpANkQCeOG9koQGu5GmFgN6aWYsX4Zgg
+W8An2Rnc49B0ZP6PNoAtoeFXCy8BIGt
=PX6a
-----END PGP SIGNATURE-----