basic hash signature question
David Shaw
dshaw at jabberwocky.com
Fri Mar 12 00:53:26 CET 2004
On Fri, Mar 12, 2004 at 12:22:21AM +0100, Albert wrote:
> Am Donnerstag, 11. März 2004 23:35 schrieb David Shaw:
>
> > > if someone doesn't have the signer's public key,
> > > is it still possible to verify the integrity of the signed
> > > file, even though one cannot verify the authenticity
> >
> > No.
> >
> > David
>
> Is there a possibility to check with a webinterface? url?
Without the signer's public key, you can't do anything. The math just
doesn't work that way.
You could set up a web page to check signatures, sure, but you're
assuming that web page is trustworthy and not compromised, etc.
David
More information about the Gnupg-users
mailing list