basic hash signature question

David Shaw dshaw at jabberwocky.com
Thu Mar 11 23:35:59 CET 2004


On Thu, Mar 11, 2004 at 02:00:38PM -0800, vedaal at hush.com wrote:
> when gnupg is used to sign a file with a signing key,
> two things can be determined from the signature hash:
> 
> [1] the file can be verified as 'unchanged' from the time of the signing
> 
> [2] the file can be authenticated as being signed by the person in possession
> of the signing key
> 
> 
> basic question ;-) :
> 
> if someone doesn't have the signer's public key,
> is it still possible to verify the integrity of the signed file,
> even though one cannot verify the authenticity 

No.

David



More information about the Gnupg-users mailing list