Not enough information to check signature validity

Werner Koch wk at
Wed Feb 28 15:27:18 CET 2018

On Wed,  7 Feb 2018 23:59, MarshallAbrams at said:
> A friends had to re-install gpg4win as a result of a hard disk
> failure. Since then, all encrypted files received from her come with a
> warning "Not enough information to check signature validity." What can

You don't have her public key to to verify the signature of the data.
It is common for OpenPGP to first sign the data and then encrypt this
signed data.  If gpg can't verify the signature after decryption your
frontend (Kleopatra, I guess) shows this message.

> I or she, do to eliminate this message?

You need to import her public key - that is commonly the same key you
use to encrypt data to her.



#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list