Signature verification problem

Daniel Carrera
Wed Jul 31 17:01:02 2002

Same thing just happened to me.  It's strange that it recognizes the
signature as being yours, yet it says tha it's "BAD".

I don't really know what this means, but I'll try to find out.

Hopefully one of the more knowledgeable GPG users here can tell us.


On Wed, 31 Jul 2002, Konrad Podloucky wrote:

> Hi guys,
> I'm just in the process of evaluating some OpenPGP solutions for the
> company I work for, and I stumbled onto this problem:
> I used CryptoEx' Outlook plugin to cleartext-sign a mail, which I tried to
> verify with gpg.
> gpg gives me a BAD signature (both 1.0.6 and 1.0.7). However CryptoEx'
> plugin verifies the signature as being good (OK, otherwise it would be
> pretty embarrassing) and NAI's PGP (7.0.3) also says that the signature is
> ok.
> I've attached the relevant message and the public part of the key used to
> sign the message. Unfortunately I don't have enough knowledge about the
> OpenPGP standard or the implementations to give this problem a better look.
> Would be great if somebody could shed some light on this issue.
> Thx,
>      Konrad