gpg error messag
David Shaw
dshaw at jabberwocky.com
Mon Nov 6 14:17:44 CET 2006
On Mon, Nov 06, 2006 at 11:19:18AM +0100, Patrick Brunschwig wrote:
> Jim Dever wrote:
> > David Shaw wrote:
> >
> >
> >> You might be able to manipulate things into verifying the signature by
> >> editing the file to change the SHA1 string to SHA256, but the real
> >> problem is probably in whatever program generated the message.
> >
> > Thanks! I thought that might be the problem although I didn't know how
> > to determine what hash the message was actually using. What's
> > ridiculous is that the message was produced by the PGP Global Directory
> > keyserver. The message is PGP/MIME in HTML format and I don't even see
> > a HASH string in the message source at all.
>
> The hash string should be in the message header, something like
> Content-Type: multipart/signed; micalg=pgp-sha1;
> protocol="application/pgp-signature";
>
> I'm pretty sure that something is defined -- Enigmail will not try to
> verify the message if no hash algorithm is provided.
Ah, I recall this problem. I reported it to the PGP GD people quite a
while ago, and I thought it had been fixed. The GD was generating a
PGP/MIME micalg setting of pgp-sha1, but the actual signature was
being made with SHA256.
David
More information about the Gnupg-users
mailing list