Encrypting and signing in the same run
Robert J. Hansen
rjh at sixdemonbag.org
Thu Sep 3 18:01:29 CEST 2009
> However, it doesn't seem to meet their requirements. Here's the reply of
> our partner :
> "The file is first encrypted and then signed. Not encrypted and signed
> in the same run."
It's possible that your partner has phrased things poorly. It may be
your partner meant to say, "We want the file to be encrypted and then
signed, not encrypted and signed in the same run."
The way you are doing things, GnuPG will (in effect) combine encryption
and signing into a single step. Some groups have policies that say this
is a bad idea. For these people, you need to explicitly break it up
into two steps:
gpg --encrypt --recipient 'Your Recipient' filename
gpg --sign --local-user 'Your Key' filename.gpg
This _may_ be the problem. I make no guarantees.
More information about the Gnupg-users