Can't decrypt PGP 8 msg
Dmitri I GOULIAEV <firstname.lastname@example.org>
Thu Sep 11 00:59:10 2003
Content-Type: text/plain; charset=us-ascii
Hi, Neil Williams !
On Wed, Aug 06, 2003 at 06:21:55PM +0100, Neil Williams wrote:
> On Tuesday 05 Aug 2003 10:07 pm, Eugene Smiley wrote:
> Eugene, why have your recent posts showed up with DOUBLE signatures?
> Message was signed with unknown key.
> The validity of the signature cannot be verified.
> Status: No signature found
> Message was signed by T. Eugene Smiley (Key ID: 0xA7EDFD2F).
> The signature is valid, but the key is untrusted.
> Has anyone else been seeing this?
Yes, I saw it.=20
For me (and for my mutt-22.214.171.124i) his message is two parts message:
,---[ mutt: attachments ]---
| I 1 <no description> [text/plain, 7bit, us-ascii, 2.1K]=
| A 2 S/MIME Cryptographic Signature [applica/x-pkcs7-si, base64, 4.7K]=
First part is an in-line part, and second one is an attachment.
When I just read his entire message (or just its first part), I can pass it=
through the pipe (``gnupg --verify'') and I obtain this:
,---[ | gnupg --verify ]---
| gpg: Signature made Tue Aug 5 16:06:57 2003 CDT using DSA key ID A7EDFD2F
| gpg: Good signature from "T. Eugene Smiley <email@example.com>"
| gpg: aka "GSWoT:1:215:A7EDFD2F"
| gpg: aka "T. Eugene Smiley (Webmaster) <firstname.lastname@example.org=
| gpg: WARNING: This key is not certified with a trusted signature!
| gpg: There is no indication that the signature belongs to the ow=
| Primary key fingerprint: 5B8F E97F 9E56 077A 17A9 3B9A E903 ED02 A7ED FD=
But I do not know what to do with his second part.
> The outside mime boundary contains:
> Content-Type: application/x-pkcs7-signature; name=3D"smime.p7s"
> Content-Transfer-Encoding: base64
> Content-Disposition: attachment; filename=3D"smime.p7s"
> Content-Description: S/MIME Cryptographic Signature
> Yet it doesn't verify as S/MIME - it comes up as unknown mime type in KMa=
> The block is also VERY long (4.7kb), more like an attached public key rat=
> than a signature? (yet it lacks the BEGIN/END PGP KEYBLOCK lines or=20
> comments). gpg complains of a lack of OpenPGP data when the block is save=
> a file. The email itself verifies nicely, it's just the double signature =
> is confusing me.
DIG (Dmitri I GOULIAEV)
1024D/63A6C649: 26A0 E4D5 AB3F C2D4 0112 66CD 4343 C0AF 63A6 C649
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----