(1) BAD signature and (2) auto SHA1
Kyle Hasselbacher <firstname.lastname@example.org>
Mon Aug 4 17:50:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, Aug 02, 2003 at 04:21:03AM -0500, DIG wrote:
>1. First group of messages returns "BAD signature". What is the best way
>to find out whose fault it is (as in famous Russian question)? It is my
>fault, or it is the fault of my correspondent?
Someone else already answered this better than I. Basically it means the
message was altered since it was signed. It may have been altered by
software not sensitive to signatures, or it's a dreaded attacker trying to
falsify a message.
>2. Second group of messages contains messages like this:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
In Mutt, the easiest way might be to pipe the message to gpg and witness
the output. Type this:
It'll tell you if the signature is good. In newer versions of Mutt, you
can do "escape P", and it will check the message for inline PGP like the
above and treat it accordingly.
Neither of those is automatic, though.
>DIG (Dmitri I GOULIAEV) http://www.bioinformatics.org/~dig/
>1024D/63A6C649: 26A0 E4D5 AB3F C2D4 0112 66CD 4343 C0AF 63A6 C649
OT: I emailed you about a key signing after seeing your listing on
Biglumber. Did that get spam filtered or something?
Kyle Hasselbacher | Never test for an error condition
email@example.com | you don't know how to handle. -- Steinbach
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----