gnupg, news and Signature Verify
Hanno 'Rince' Wagner
wagner at rince.de
Thu Mar 2 15:38:45 CET 2006
Hi,
I try to establish a way to sign my NewsPostings and - more
interesting - also to verify the messages posted by other people.
Since I am using new keys, the digest algorithm is SHA1 - which I
also use. But gpg seem to have a problem with the signed message (I
can not see why).
I have put the message on http://texte.rince.de/newssig.asc to
verify for everyone. When I do a "gpg --verify --verbose", I get the
following:
-----
$ gpg --verbose --verify newssig.asc
gpg: armor header: Version: GnuPG-v1.4.1
gpg: original file name=''
gpg: Signature made Thu Mar 2 14:44:15 2006 CET using DSA key ID 0B707552
gpg: WARNING: signature digest conflict in message
gpg: Can't check signature: general error
-----
pgpdump sais that the digest-algorithm is SHA1 and valid:
-----
$ pgpdump newssig.asc
[..]
Pub alg - DSA Digital Signature Algorithm(pub 17)
Hash alg - SHA1(hash 2)
[..]
Can anyone tell me why gpg sees a digest conflict in that message?
I'd understand if the signature would be bad or wrong, but
apparently it can not check wether the signature is valid.
Ciao, Hanno
--
| Hanno Wagner | Member of the HTML Writers Guild | Rince at IRC |
| Eine gewerbliche Nutzung meiner Email-Adressen ist nicht gestattet! |
| 74 a3 53 cc 0b 19 - we did it! | Generation @ |
#"Das Faxe ist alle und jetzt sitze ich hier mit T-Shirt und Krawatte..."
# -- sven at joliet.deceiver.org (Sven Hoffmann) erklärt das Binden
# von Krawatten
More information about the Gnupg-users
mailing list