basic hash signature question
Albert
gnupg at ml0402.albert.uni.cc
Fri Mar 12 16:38:06 CET 2004
Am Freitag, 12. März 2004 00:53 schrieb David Shaw:
> On Fri, Mar 12, 2004 at 12:22:21AM +0100, Albert wrote:
> > Am Donnerstag, 11. März 2004 23:35 schrieb David Shaw:
> > > > if someone doesn't have the signer's public key,
> > > > is it still possible to verify the integrity of the signed
> > > > file, even though one cannot verify the authenticity
> > >
> > > No.
> > >
> > > David
> >
> > Is there a possibility to check with a webinterface? url?
>
> Without the signer's public key, you can't do anything. The math
> just doesn't work that way.
The public key I can get from a keyserver
> You could set up a web page to check signatures, sure, but you're
> assuming that web page is trustworthy and not compromised, etc.
That's the problem. I am thinking of a situtation, where no gpg is
installed on a foreign pc.
Albert
More information about the Gnupg-users
mailing list