can't verify my own signature
John Clizbe
JPClizbe at tx.rr.com
Tue Jul 22 15:04:25 CEST 2008
kurt c wrote:
> Well, John, why is it then that when I sent an encrypted and signed
> message to this other Gmail account of mine without Enigmail, and
> clicked on Privacy Tray's "clickboard" -> "decrypt/verify", the message
> is both decrypted and verified as with good signature? If the message is
> altered through the webmail system so that its signature can't be
> verified, why is it that when it's encrypted it can both be decrypted
> and verified?
Please address messages to the list, not a person.
Short Answer: The text manipulations performed by Web mail user agents which
break inline signed OpenPGP messages are not possible with encrypted messages.
Trying to compare what happens to encrypted (& signed) messages versus inlined
signed messages in transit is somewhat of an 'apples to oranges' proposition.
--
John P. Clizbe Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 656 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20080722/65b61085/attachment.pgp>
More information about the Gnupg-users
mailing list