can`t verify signature

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Sat Jul 26 10:52:02 2003


--Boundary-02=_UGkI/rM+jfIv5zb
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Saturday 26 July 2003 07:07, Gustavo Vasconcelos wrote:
> I didn't get it. What is the problem on using a corporate key where
> your employes have to sign it and have theirs signed back by it?

That's not what they did. Look at the key again - the names are not=20
signatures, they're userids! They had a corporate key and each employee had=
 a=20
userid - and presumably, each employee had the corporate secret key on thei=
r=20
computer.

What you describe is how to do it, works fine. Although it's open to debate=
=20
whether every employee should sign the corporate key or not (personally, I=
=20
feel signing a CA key does make sense. Others feel it doesn't.)

cheers
=2D- vbi

=2D-=20
The surest sign that a man is in love is when he divorces his wife.

--Boundary-02=_UGkI/rM+jfIv5zb
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iKcEABECAGcFAj8iQZRgGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjUmbWQ1c3VtPTVkZmY4NjhkMTE4NDMyNzYw
NzFiMjVlYjcwMDZkYTNlAAoJEIukMYvlp/fWIj0An2vDIOUzVEV+Lxs4t1+OUjDh
wWUqAJ9PWGq8xgHc2lGsCy5j4bbfwGhzjg==
=C7Bf
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.5&md5sum=5dff868d11843276071b25eb7006da3e

--Boundary-02=_UGkI/rM+jfIv5zb--