Pls. agree the title "PGP sigs fail verification" because this is not
about my sig only. Thanks!
Could this be about incompatibility btwn GnuPG v1.4 and v2.x ?
But first, let me correct the wrong link, and expand along the
correcting of it, below.
On 160918-22:34+0200, Miroslav Rovis wrote:
> On 160918-08:51-0700, Ian Zimmerman wrote:
> > On 2016-09-18 14:20, Miroslav Rovis wrote:
> >
> > > That it would turn BAD is hard to conceive for me. I'm far from an
> > > expert, but I do use my GnuPG correctly.
> >
> > This one verifies OK.
> You mean that Ken Moffat's sig in that previous email. I just tried,
> having imported it successfully with:
> gpg --recv-key 3043C26D
> but I can't verify it. It says:
>
> [-- PGP output follows (current time: Sun 18 Sep 2016 22:15:34 CEST) --]
> gpg: Signature made Sun 18 Sep 2016 17:46:03 CEST using RSA key ID
> 3043C26D
> gpg: BAD signature from "Ken Moffat (ntlworld address)
> <zarniwhoop@???>"
> [-- End of PGP output --]
>
> [-- The following data is signed --]
> ...
>
> and in the status bar:
>
> - s - 334/335: Ken Moffat Re: OT: Miro's PGP signature [Was: urlview..
> PGP signature could NOT be verified.
>
Also this mail, which I misreported the sender in the previous email:
> Sort mailboxes vs. file browser
> http://marc.info/?l=mutt-users&m=147320724731079&w=2
I could verify the sig:
Subject: Sort mailboxes vs. file browser
User-Agent: Mutt/1.5.21 (2010-09-15)
[-- PGP output follows (current time: Mon 19 Sep 2016 15:33:53 CEST) --]
gpg: Signature made Wed 07 Sep 2016 02:06:37 CEST using DSA key ID
+DFBEAD02
gpg: Good signature from "Derek D. Martin <ddm@???>"
gpg: aka "Derek D. Martin <ddm@???>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
+owner.
Primary key fingerprint: B5F7 DC7F F7B9 A9E2 5AE2 9002 1C49 C048 DFBE
+AD02
- S - 283/338: Derek Martin Sort mailboxes vs. file bro --
(47%)
PGP signature successfully verified.
> I am able to verify some people's sigs in previous emails, like this
> email, of course in my mailbox [*]:
>
( the non-belonging link and subject from here moved to above, it is correct
now below )
Delete message after bouncing to spam address
http://marc.info/?l=mutt-users&m=147324473407815&w=2
>
> [-- PGP output follows (current time: Sun 18 Sep 2016 22:19:02 CEST) --]
> gpg: Signature made Wed 07 Sep 2016 12:21:36 CEST using RSA key ID
> +48C912E7
> gpg: Good signature from "Paul Saunders <darac@???>"
> gpg: aka "Darac Marjal <mailinglist@???>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the
> +owner.
> Primary key fingerprint: 689D 9753 FE50 6B09 2C1E 352A E6E9 E425 48C9
> +12E7
> [-- End of PGP output --]
>
> [-- The following data is signed --]
>
> Hi all,
> - S - 284/335: Darac Marjal Delete message after boun -- (57%)
> PGP signature successfully verified.
> ...
This desire of mine is still there:
> ---
> [*] And I'd be terribly interested to learn, some day if not soon, how
> can one check mails by their signitures when they are exposed in public
> web, such as on Mutt Archives, or in my (frozen) Lurker (
> such as:
> http://www.croatiafidelis.hr/cenz/iskon-tcom-mr/message/20160623.134629.b7534288.en.html
After having corrected the last mail with the above, I'll try and make
another enquiry about this non-verification/verification
now-it-does-next-it-does-not issue, which I partly already prepared.
--
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
(text/plain)