Verisign / Network Solutions PGP guardian method does not support GnuPG

Toxik - Fabian Rodriguez Fabian.Rodriguez@Toxik.com
Thu Oct 25 20:37:03 2001


Hello,

>From time to time I verify different scenarios in which our customers may
use GnuPG as a complete replacement to PGP. It is interesting to note that
Network Solutions' PGP guardian method does not work with GnuPG generated
signatures.

I am enclosing the original response (less my message), as reference. Please
note that I used GnuPG v1.0.6 (MingW32) and WinPT 0.4.0a. Then with PGP 7.03
it was completed fine, with the exact same text, using the same key, same
software (Outlook), etc. Only the encryption software was different.

BTW, on their site they mention: "Our PGP keyserver will accept PGP Version
2.6 to 6.5.2.", however I sent my key generated with GnuPG/WinPT by email
and their server accepted it. And the message I sent after that (resulting
in the error reply), was signed with PGP 7.03. Also note it took 18 days for
the key to be added (instead of 24h).

I thought it would be more appropiate to send it here than to risk it being
lost in their support system.

Thank you,

Fabian Rodriguez - Toxik Technologies Inc.
www.Toxik.com - Open PGP ID: 0x5AF2A4D5

> -----Original Message-----
> From: Domain Registration Role Account
[mailto:domreg@networksolutions.com]
> Sent: October 24, 2001 16:42
> To: dnsadmin@toxik.com
> Subject: Re: [NIC-XXXXXX.XXXX] DOMAIN NAME (request id modified for
privacy purposes)
>
>
> Thank you for contacting VeriSign.
>
> We have received your message, but are unable to process it at this
> time. The most likely reasons why this may have happened are listed
> below. Please review this list and compare the possible errors with
> your message. If possible, correct the error and re-send your e-mail
> to VeriSign at hostmaster@networksolutions.com.
>
> 1. Your PGP signed message was MIME-encapsulated. Most Windows based
> e-mail applications will perform this conversion. Currently, we cannot
> support PGP signed messages that have been MIME-encapsulated.
>
> 2. There are extra characters in your message, which distort your PGP
> signature and make it impossible for us to confirm that your signature
> is correct. These extra characters are inserted when a PGP plugin for
> Outlook or Eudora are used to sign a message, and the message is then
> sent to a system using a UNIX platform, which we use. Currently, we
> cannot support PGP signed messages sent from a computer using any
> platform other than UNIX.
>
> 3. Although PGP is your Guardian method, you did not sign your message
> with your PGP private key. Please sign your message with your PGP
> private key and return it by e-mail to VeriSign at
> hostmaster@networksolutions.com.
>
> 4. It appears that you have more than one PGP private key. Although you
> signed this message with a PGP key, you didn't use the PGP private key
> that is associated with the contact handle on this record. Please make
> sure that you are using the right PGP private key to sign your message
> and return the message by e-mail to VeriSign at
> hostmaster@networksolutions.com.
>
> Best regards,
> VeriSign, Inc.
> http://www.netsol.com