Re-attaching a signature

David Shaw dshaw at jabberwocky.com
Fri Apr 11 22:32:50 CEST 2008


On Sun, Apr 06, 2008 at 04:59:56PM -0400, Trammell Hudson wrote:
> Is there a way to detach a signature from a message after it has
> already been signed and then to-reattach it?  As an example, let's
> say that I've received a signed message encrypted to me and I want
> to be able to decrypt it, verify the signature and then re-encrypt
> it to resend it to someone else, but with the original signature
> rather than mine.

The OpenPGP protocol allows for this, but there are no tools that can
currently do it.  What you need is a change in GPG to unwrap only one
layer of a layered object.  Signed and encrypted data is layered with
the data on the inside, then the signature around that, then the
encryption around that.

It's actually on my list of interesting things to do someday, but
doesn't exist today.

David



More information about the Gnupg-users mailing list