[Enigmail] Unverified signature error
David
dgboles at comcast.net
Wed Jul 15 08:33:46 PDT 2009
On 7/15/2009 10:54 AM, Charly Avital wrote:
> David wrote the following on 7/15/09 10:18 AM:
>> What, exactly, does this mean? And why can I not verify this signature?
>>
>> -----------
>> OpenPGP Security Info
>>
>> Unverified signature
>>
>> gpg command line and output:
>> C:\Program Files (x86)\GNU\GnuPG\gpg.exe
>> gpg: Signature made 07/14/09 17:50:26 using RSA key ID 1C109517
>> gpg: WARNING: signature digest conflict in message
>> gpg: Can't check signature: general error
>> -----------
>
> Please open this link which *might* provide an explanation, or at least
> a clue to the meaning of the warning:
>
> <http://lists.gnupg.org/pipermail/gnupg-devel/2008-September/024599.html>
>
> Does the in-line signed e-mail you were trying to verify contain a line
> indicating which HASH was used, like in your own post to the list:
> =============
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> [...etc....]
> =============
>
>
> Charly
If you mean 'with Enigmail disabled' does it look like (this is mine) a
signed message beginning with:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
and ending with:
-----BEGIN PGP SIGNATURE-----
Comment: --batch
iEYEARECAAYFAkpd7MYACgkQzrAMrEP3F1pRAACgguV3fOwt7fFBxKVtLDkewJnA
4rEAmgOjScJ/XmBn666YX5ZnVO/EGSG9
=CtU2
-----END PGP SIGNATURE-----
No. It does not.
It looks like an ordinary email with this as an attachment:
signature.asc and Part 1.2
These attachments are also visible with Enigmail enabled.
Screenshots here: http://www.box.net/shared/bhzvud7mv4
--
David
More information about the Enigmail
mailing list