Author: Ben McGinnes Date: To: mutt-users Subject: Re: [SPAM?] Re: PGP sigs fail verification
On Fri, Sep 23, 2016 at 09:14:02AM +0200, Jean-Christophe Bach wrote: > Hello,
>
> > OK, I lied. All of the signatures were good except for two messages
> > from Jean-Christophe:
> >
> > 20160921191202.GB18462@???
> > 20160921195336.GD18462@???
> >
> > Both of those were bad. The first of his was good:
> >
> > 20160921060257.GB29391@???
>
> Exactly, the main difference is the fact I did not use the same computer
> to send the emails. In both cases, I have custom headers (for instance
> this email should also have custom headers). I did tests with my
> different addresses, different keys and different computers. Only my
> personal computer "generates" the error.
Have you tried changing your X-PGP-Key custom header to just use
either the long key ID or the fingerprint (or both so people can
choose what to copy and paste)?
Mainly because message headers are always going to change and thus are
never included in signing or encrypting, so it's odd that those
headers would be the cause and I wonder if there's anything in the
content of your headers that are interfering with other things with
mutt. If that's the case then I'd be looking at certain characters in
the the SKS URL (hence advising to lose it just leave the key ID) or
the apostrophes/single quotes in the Cthulhu one.
(text/plain)