What are those attachments you have on your email?

Stephan Beck stebe at mailbox.org
Fri Nov 25 15:33:00 CET 2016


Sorry, David, for arriving a bit late to the party..., I had to answer
Peter who had addressed several list mails in reply to mine yesterday
and it took me a while.
Yes, as Brian says, the verify command expects an .asc signature file
and a message or a file signed with it as input. By
using/fetching/retrieving the signer's key gpg verifies that this
message/file really was signed by the one who claims to be the signer.

Cheers

Stephan

David Adamson:
> On Fri, Nov 25, 2016 at 5:28 AM, Stephan Beck <stebe at mailbox.org> wrote:
>> Hi David,
>>
>> I kindly invite you to post your PM on-list. It might be of interest for
>> other people as well.
>>
>> Thanks and regards
>>
>> Stephan
>>
> 
> Certainly that sounds like a good idea.
> 
> Stephan,
> 
> Thanks again for your help.  I am playing around with generating my
> keys, importing others and encrypting and decrypting.
> 
> I was thinking of ways to get my key out to people without using the
> keyservers and instead attaching my public key to my email seemed like a good
> idea.  I noticed you have two, one called 0x4218732B.asc and another
> called signature.asc.  Am I correct in assuming your first one is your
> public key?  The second one I'm not sure what it is for.  I thought
> maybe you were signing your public key so I ran the following but got
> a BAD signature message so I thought maybe it's for something else -
> 
> david at system:~/Downloads$ gpg2 --verify signature.asc 0x4218732B.asc
> gpg: Signature made Wed 23 Nov 2016 11:41:22 AM EST
> gpg:                using RSA key 5E77973C5ED0E692
> gpg: Can't check signature: No public key
> david at system:~/Downloads$ gpg2 --import 0x4218732B.asc
> gpg: key 1CA0EF5E4218732B: public key "Stephan Beck
> <sbeck at mailbox.org>" imported
> gpg: Total number processed: 1
> gpg:               imported: 1
> david at system:~/Downloads$ gpg2 --verify signature.asc 0x4218732B.asc
> gpg: Signature made Wed 23 Nov 2016 11:41:22 AM EST
> gpg:                using RSA key 5E77973C5ED0E692
> gpg: BAD signature from "Stephan Beck <sbeck at mailbox.org>" [unknown]
> 
> Thanks!
> 



More information about the Gnupg-users mailing list