MIME or inline signature ?

Stephan Beck stebe at mailbox.org
Mon Feb 16 18:19:25 CET 2015


Am 16.02.2015 um 00:01 schrieb Damien Goutte-Gattat:
>> > What's wrong with what I am doing?
> 
> You provide GnuPG with only the *signature*. You need to also give it the
> *signed data* (the message) so that it can perform the verification.
> 
> If you want to do that manually (something you don’t usually do with PGP/MIME
> signatures, since it’s quite cumbersome): In addition to what you have already
> done (saving the signature itself in “signature.asc”), you must also extract the
> MIME part that was signed.

Thanks, Damien, now my GPG (stand-alone) has verified the signature, telling me
BAD signature. I don't know why, but I do not worry (too much).


Stephan




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150216/2c8094e5/attachment.sig>


More information about the Gnupg-users mailing list