Re: PGP sigs fail verification

Top Page
Message as email
+ (text/plain)
Delete this message
Author: Ian Zimmerman
To: mutt-users
Subject: Re: PGP sigs fail verification
On 2016-09-19 16:15, Ian Zimmerman wrote:

> For my part I now think this is a flea.

There must be more than one thing going on :(

I did the manual gpg test on multiple mails, this time properly
massaging them into the RFC 3156 format. In most cases, mutt and gpg
actually agree: both say BAD, or both say GOOD. There is one exception,
though: Miro's original message in which this thread is rooted. That
one verifies OK through manual gpg, but mutt says BAD.

So, there's a flea, but there's also a bug :(

Can the house experts comment on this - Patrick, Erik, Cameron? Does
sig verification just work for you?

Here are the mailing list messages I tested:

                                                          mutt    gpg   GOOD    GOOD    GOOD    GOOD    BAD     GOOD    BAD     BAD   BAD     BAD

I conjecture that the BAD result in the case of Jean-Christophe's
message, #4 above, results from him inserting a non-standard X- header
in the signed MIME part. I don't have an explanation for the other BAD

Please *no* private Cc: on mailing lists and newsgroups
Why does the arrow on Hillary signs point to the right?