Bad Signatures when using check-sigs
brian m. carlson
sandals at crustytoothpaste.net
Sat Dec 17 23:54:41 CET 2011
On Fri, Dec 16, 2011 at 10:26:04AM -0500, David Tomaschik wrote:
> When executing gpg --check-sigs, there are reports of "bad
> signatures." What makes a signature "bad"? For example, on a key I
> signed that has several UIDs, one of my signatures on one UID is
> reported as bad, but the rest are fine. I looked in the docs, but
> didn't find anything... hope I'm not missing something obvious.
It means that one of the following things is true:
* The key alleged to have made the signature did not make the signature.
* The data on which the signature was made is different than the
original data.
* Someone made an error in the OpenPGP implementation.
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/attachments/20111217/929982ae/attachment.pgp>
More information about the Gnupg-users
mailing list