MIME or inline signature ?

Robert J. Hansen rjh at sixdemonbag.org
Mon Feb 16 00:07:25 CET 2015

> A "bad signature" _only shows one thing_: The message was modified 
> along the way from the signing process (at the senders computer) to 
> the verification process (at your computer).

It doesn't even show that.

The modification can be in the signature, not the message -- meaning
it's possible to have an entirely unchanged message, but still have a
bad signature.

A good signature verifies message integrity.  A bad signature does not
confirm tampering: it only states the integrity is not assured.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20150215/dac38877/attachment.bin>

More information about the Gnupg-users mailing list