mlisten at hammernoch.net
Sun Oct 11 16:01:13 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Sean Wilson wrote on 11.10.09 15:37:
> Why is it when I sign an email and someone replies to it I sometimes get
> the following error:
> Part of the message signed; click on 'Details' button for more information
> in the details it says:
> OpenPGP Security Info
> Error - signature verification failed
> gpg command line and output:
> C:\Program Files\GNU\GnuPG\gpg.exe
> gpg: Signature made 10/11/09 14:13:48 using RSA key ID xxxxxx
> gpg: BAD signature from "Sean Wilson <sean at xxxxxx.com>"
> Why does this happen?
> If I send an email between two different email accounts and I sign it,
> then reply I NEVER get a broken signature so why does this happen when
> other people reply to my emails?
You're using in-line signatures, the recipient does not use gnupg and
cites your mail when replying, isn't it?
In this case, the following is happening: he/she is citing your mail
including the signature. Enigmail tries to verify it, but due to the
insertion of citation marks, e.g. "> " at the beginning of the lines,
your original message is modified, so the signature is broken.
It doesn't make much sense to sign messages to recipients who can't
verify it. If your recipient is using enigmail, it will strip your
signature upon replying.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Gnupg-users