[fa-ml at ariis.it: Re: How to verify a signed mail (silly question maybe, sorry ; )]
kloecker at kde.org
Thu Jul 3 20:11:34 CEST 2014
On Thursday 03 July 2014 08:49:12 Linux DEBIAN wrote:
> thanks for your reply.
> Maybe I do soemthing wrong and following the instructions, still
> receiving 'bad signature'.
I'm not surprised. It seems that Francesco Ariis has left out a crucial
step (or you have removed it when you quoted his message). RFC 3156
Upon receipt of a signed message, an application MUST:
(1) Convert line endings to the canonical <CR><LF> sequence before
the signature can be verified. This is necessary since the
local MTA may have converted to a local end of line convention.
(2) Pass both the signed data and its associated content headers
along with the OpenPGP signature to the signature verification
> It's my mail and my signature (for testing purposes) so I'm sure
> signature is ok, btw.
> Does it matter if in the beginning of the part is:
> Content-Type: Text/Plain;
> Content-Transfer-Encoding: quoted-printable
> and the whole copied part ends with:
It shouldn't matter.
> Also, when I copy the text, when using Kate (text editor for KDE,
> Linux), I always use utf-8 for opening/saving documents.
> Shall I change to another charset ?
> There is no choice for exactly 'ascii', just e.g. western european ISO
> 8859-1 and many others.
The charset should be irrelevant because quoted-printable encoded text
does not contain any non-ASCII characters.
Concerning (1) in the excerpt of RFC 3156 quoted above, you have to tell
Kate to switch the line endings to Windows line endings (Tools->End of
Line->Windows/DOS) before saving the text to a file. Or run unix2dos on
the saved text to convert the line endings on the command line.
If you do all of this correctly, then you might be lucky that the
signature verification succeeds. You might not be so lucky when the next
signed message arrives.
IMHO trying to verify an OpenPGP/MIME-signed message by hand is at most
a nice exercise, but it's certainly nothing one should do regularly.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users