gpg error messag
Patrick Brunschwig
patrick at mozilla-enigmail.org
Mon Nov 6 11:19:18 CET 2006
Jim Dever wrote:
> David Shaw wrote:
>
>
>> You might be able to manipulate things into verifying the signature by
>> editing the file to change the SHA1 string to SHA256, but the real
>> problem is probably in whatever program generated the message.
>
> Thanks! I thought that might be the problem although I didn't know how
> to determine what hash the message was actually using. What's
> ridiculous is that the message was produced by the PGP Global Directory
> keyserver. The message is PGP/MIME in HTML format and I don't even see
> a HASH string in the message source at all.
The hash string should be in the message header, something like
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
I'm pretty sure that something is defined -- Enigmail will not try to
verify the message if no hash algorithm is provided.
-Patrick
More information about the Gnupg-users
mailing list