newbie problem about signing

S C sco@tfz.net
Sat Jan 11 16:27:02 2003


hi,
i was using pgp 6.5.8 ckt in my windows box, i exported my keys 
including private ones and imported them using gnupgp in my linux. now 
each time i sign a message i have warning, for example with kmail :

"Message was signed by myname <myemail@xx.com> (Key ID: 0xxxxxxxxx).
The signature is valid, but the key's validity is unknown.

message here

End of signed message"

and with enigmail in mozilla messenger, each time i sign a message and 
then click on the decrypt /verify icon :
a pop up window appears  :
 " OpenPGP security info
Error - signature verification failed
gpg command line and output :

/usr/bin/gpg --batch --no-tty --status-fd 2 -d
gpg: Signature made sat 11 Jan 2003 02:55:59 AM CET using DSA key ID 
xxxxxxxx
gpg: BAD signature from "myname <myemail@xx.com>"

so i checked the help and found about lsign and sign :

1/ what is the difference between signing a key locally and signing?
2/ when i try both i have each time to cancel because at the end of 
process :

[t@localhost t]$ gpg --nrlsign-key xxxxxxxx

pub  1024D/xxxxxxxx  created: 2002-04-06 expires: never      trust: -/-
sub  2048g/xxxxxxxx  created: 2002-04-06 expires: never
(1).myname <myemail@xx.com>


pub  1024D/xxxxxxx  created: 2002-04-06 expires: never      trust: -/-
 Primary key fingerprint: *********************************************

    myname <myemail@xx.com>

How carefully have you verified the key you are about to sign actually 
belongs
to the person named above?  If you don't know what to answer, enter "0".

   (0) I will not answer. (default)
   (1) I have not checked at all.
   (2) I have done casual checking.
   (3) I have done very careful checking.

Your selection? 3
Are you really sure that you want to sign this key
with your key: "my nym name <mynym@nym.alias.net>"

The signature will be marked as non-exportable.

The signature will be marked as non-revocable.

I have checked this key very carefully.

Really sign? y
gpg: protection algorithm 1 (IDEA) is not supported
gpg: the IDEA cipher plugin is not present
gpg: please see http://www.gnupg.org/why-not-idea.html for more information
gpg: signing failed: unknown cipher algorithm

Command>

my problem is why is my nym email adress used by default to sign my 
keys? i cannot use my nym since a nym adress must have no relation with 
the real owner, with his real email. it is used to hide real email address.
so, how can i make myemail@xx.com the defaut id used to sign my keys?
3/ and do i have to add idea support for gupg?
4/ is signing the method to be used to make those warning messages 
disappear in both kmail and mozilla messenger?
any help appreciated