can't verify my own signature

John Clizbe JPClizbe at
Tue Jul 22 15:04:25 CEST 2008

kurt c wrote:
> Well, John, why is it then that when I sent an encrypted and signed
> message to this other Gmail account of mine without Enigmail, and
> clicked on Privacy Tray's "clickboard" -> "decrypt/verify", the message
> is both decrypted and verified as with good signature? If the message is
> altered through the webmail system so that its signature can't be
> verified, why is it that when it's encrypted it can both be decrypted
> and verified?

Please address messages to the list, not a person.

Short Answer: The text manipulations performed by Web mail user agents which
break inline signed OpenPGP messages are not possible with encrypted messages.

Trying to compare what happens to encrypted (& signed) messages versus inlined
signed messages in transit is somewhat of an 'apples to oranges' proposition.

John P. Clizbe                      Inet:   John (a)
You can't spell fiasco without SCO. hkp://  or
     mailto:pgp-public-keys at

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 656 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20080722/65b61085/attachment.pgp>

More information about the Gnupg-users mailing list