verifying signature after decryption
Atom 'Smasher'
atom-gpg at suspicious.org
Mon Apr 26 19:38:13 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Someone mentioned on this list a while back that GPG supports
> extracting the symmetric session key used for a message. If you
> provide this session key to someone, they can use GPG to decrypt that
> particular message only, including the signature. I'm not sure what
> the exact commands are.
====================================
the session key is extracted with --show-session-key and used with
- --override-session-key.
this requires some extra work on the recipients end. ideally, i'd like to
make it idiot-resistant enough that it would automagically work, like in
someones MUA.
some people are deathly afraid of the command line. some people can be
taught how to use pgp in their MUA, but might not trust instructions that
a geek tells them to run on the command line.
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
-------------------------------------------------
"We do many things at the federal level
that would be considered dishonest and
illegal if done in the private sector."
-- Ronald Reagan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish? - http://atom.smasher.org/links/#digital_signatures
iEYEARECAAYFAkCNSQoACgkQnCgLvz19QeNOxACePmL2zW6bjhp41NxxcV3Qm9tt
1pcAnR7/FnFI0h6fvbPEPYfDPlu9r9PR
=3p7R
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list