basic hash signature question

vedaal at hush.com vedaal at hush.com
Thu Mar 11 23:00:38 CET 2004


when gnupg is used to sign a file with a signing key,
two things can be determined from the signature hash:

[1] the file can be verified as 'unchanged' from the time of the signing

[2] the file can be authenticated as being signed by the person in possession
of the signing key


basic question ;-) :

if someone doesn't have the signer's public key,
is it still possible to verify the integrity of the signed file,
even though one cannot verify the authenticity 

tia,

vedaal





Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427



More information about the Gnupg-users mailing list