Subject: Re: corrupt pgp/mime sigs
To: None <firstname.lastname@example.org>
From: Wolfgang S. Rupprecht <wolfgang+gnus20031210T121144@dailyplanet.dontspam.wsrcc.com>
Date: 12/10/2003 12:25:57
<#secure method=pgpmime mode=sign>
email@example.com (Christian Biere) writes:
> Wolfgang S. Rupprecht wrote:
>> Are other folks seeing a message signature corruption too?
> No. IIRC, the author(s) of your software, Mailcrypt that is, don't
> agree with the rest of the world about how a signature should be
> attached to a mail. Therefore, it's incompatible with most other software
> which supports PGP.
Do you mean PGP/MIME vs PGP-style sigs? I noticed that already. The
fact that there are two incompatible "standards" is very annoying.
While Mailcrypt when used by itself is limited to PGP-style, when
using gnus it does (usually) decode and encode PGP/MIME.
The one thing I noticed about the messages that validate correctly is
they have a "Content-Type: multipart/signed; micalg=pgp-sha1;"
The ones that fail have a "Content-Type: multipart/signed; micalg=x-unknown;"
This is all fairly new to me and I'm not sure what the "micalg" is,
but if other folks can decode it, I guess gnus is screwing up.
> E.g., I cannot verify the validity of your mail
> signature as-is. (I'm not talking about clear signatures).
If it makes you feel better, neither could I validate my message
(although obviously it normally does validate correctly). Whatever
lossage I was seeing cascaded to my message as well.
>> (I just started using automatic gnupg decoding with emacs/gnus. It is
>> pretty slick, automatically fetching keys as needed.)
> Hopefully, it does differ between trusted and untrusted keys.
It does, but only if you use the expanded explanation. If you use the
short form it only says "[[PGP Signed Part:OK]]". FYI This is what it
showed for your message:
[[PGP Signed Part:OK]
gpg: Signature made Wed Dec 10 11:57:03 2003 PST using DSA key ID 7A3220C7
gpg: Good signature from "Christian Biere <firstname.lastname@example.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: D952 6F9B 37E4 801A 5F9E 79AE D0A4 22C7 7A32 20C7
Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/
The above "From:" address is valid. Don't mess with it.
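
Added example, not part of the original message or of Gnus/Mailcrypt: a Python sketch that checks a PGP/MIME message for the header difference described above (`micalg=pgp-sha1` versus `micalg=x-unknown`) and for the two-part layout RFC 3156 requires. The sample messages, the `sample()` helper and the SHA-2 entries in the allowed set are assumptions constructed for the example.

```python
from email import message_from_string

# Values listed in RFC 3156 section 5, plus SHA-2 names formed by the same
# "pgp-<hash name>" rule (the SHA-2 entries are an assumption of this example).
KNOWN_MICALG = {
    "pgp-md5", "pgp-sha1", "pgp-ripemd160", "pgp-md2", "pgp-tiger192",
    "pgp-haval-5-160", "pgp-sha224", "pgp-sha256", "pgp-sha384", "pgp-sha512",
}

def check_pgp_mime(raw):
    """Return a list of header/structure problems; an empty list means none found."""
    msg = message_from_string(raw)
    if msg.get_content_type() != "multipart/signed":
        return ["not multipart/signed"]
    problems = []
    protocol = msg.get_param("protocol")
    if not isinstance(protocol, str) or protocol.lower() != "application/pgp-signature":
        problems.append(f"unexpected protocol: {protocol!r}")
    micalg = msg.get_param("micalg")
    if not isinstance(micalg, str):
        problems.append("micalg parameter missing")
    elif micalg.lower() not in KNOWN_MICALG:
        problems.append(f"unrecognised micalg: {micalg}")
    # A signed message carries exactly two parts: the content, then the signature.
    parts = msg.get_payload() if msg.is_multipart() else []
    if len(parts) != 2:
        problems.append(f"expected 2 body parts, found {len(parts)}")
    elif parts[1].get_content_type() != "application/pgp-signature":
        problems.append("second part is not application/pgp-signature")
    return problems

def sample(micalg):
    """Constructed test message; the signature body is a placeholder, not a real signature."""
    return (
        "From: sender@example.org\nMIME-Version: 1.0\n"
        'Content-Type: multipart/signed; boundary="b1";\n'
        f'\tmicalg={micalg}; protocol="application/pgp-signature"\n\n'
        "--b1\nContent-Type: text/plain\n\nhello\n"
        "--b1\nContent-Type: application/pgp-signature\n\n"
        "-----BEGIN PGP SIGNATURE-----\n(placeholder)\n-----END PGP SIGNATURE-----\n"
        "--b1--\n"
    )

if __name__ == "__main__":
    for value in ("pgp-sha1", "x-unknown"):
        print(value, "->", check_pgp_mime(sample(value)) or "headers look well-formed")
```

This inspects headers and structure only; it does not verify the signature itself, which still requires running the message through gpg.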