newbie problem about signing
Sat Jan 11 16:27:02 2003
i was using pgp 6.5.8 ckt in my windows box, i exported my keys
including private ones and imported them using gnupgp in my linux. now
each time i sign a message i have warning, for example with kmail :
"Message was signed by myname <firstname.lastname@example.org> (Key ID: 0xxxxxxxxx).
The signature is valid, but the key's validity is unknown.
End of signed message"
and with enigmail in mozilla messenger, each time i sign a message and
then click on the decrypt /verify icon :
a pop up window appears :
" OpenPGP security info
Error - signature verification failed
gpg command line and output :
/usr/bin/gpg --batch --no-tty --status-fd 2 -d
gpg: Signature made sat 11 Jan 2003 02:55:59 AM CET using DSA key ID
gpg: BAD signature from "myname <email@example.com>"
so i checked the help and found about lsign and sign :
1/ what is the difference between signing a key locally and signing?
2/ when i try both i have each time to cancel because at the end of
[t@localhost t]$ gpg --nrlsign-key xxxxxxxx
pub 1024D/xxxxxxxx created: 2002-04-06 expires: never trust: -/-
sub 2048g/xxxxxxxx created: 2002-04-06 expires: never
pub 1024D/xxxxxxx created: 2002-04-06 expires: never trust: -/-
Primary key fingerprint: *********************************************
How carefully have you verified the key you are about to sign actually
to the person named above? If you don't know what to answer, enter "0".
(0) I will not answer. (default)
(1) I have not checked at all.
(2) I have done casual checking.
(3) I have done very careful checking.
Your selection? 3
Are you really sure that you want to sign this key
with your key: "my nym name <firstname.lastname@example.org>"
The signature will be marked as non-exportable.
The signature will be marked as non-revocable.
I have checked this key very carefully.
Really sign? y
gpg: protection algorithm 1 (IDEA) is not supported
gpg: the IDEA cipher plugin is not present
gpg: please see http://www.gnupg.org/why-not-idea.html for more information
gpg: signing failed: unknown cipher algorithm
my problem is why is my nym email adress used by default to sign my
keys? i cannot use my nym since a nym adress must have no relation with
the real owner, with his real email. it is used to hide real email address.
so, how can i make email@example.com the defaut id used to sign my keys?
3/ and do i have to add idea support for gupg?
4/ is signing the method to be used to make those warning messages
disappear in both kmail and mozilla messenger?
any help appreciated