Menu

#1 GPGrelay produces invalid (inline) signatures

open
nobody
None
5
2003-03-19
2003-03-19
Uwe Renner
No

We use Pegasus 4.02 (english version). When sending inline PGP
signatures, the signatures are NOT VALID. Means: when receiving
the mails, the signatures are detecetd, even the found key ID ist right,
but then says "invalid"...

Any known issues?

Discussion

  • Andreas John

    Andreas John - 2004-02-22

    Logged In: YES
    user_id=130931

    Hi!

    Who does what?
    GPGrelay sign and verify? I would have seen this myself.
    Or GPGrelay signs and Pegasus verify fails?
    I doubt this one, as I have verified inlined GPGrelay-
    Signatures myself by hand a few times.

    So it must be Pegasus sign and GPGrelay verify fails?
    So, maybe it would help if you could directly send me a signed
    mail.

    Bye!

     

  • Nobody/Anonymous

    Nobody/Anonymous - 2006-06-01

    Logged In: NO

    Invalid means you are using a trust setting that requires
    public keys to be valid, and you've done nothing to validate
    the key used to sign the message. At least lsign the
    signer's key and your problem will go away. It's between you
    and GnuPG. It has nothing to do with GPGrelay. Since
    encrypting to an untrusted key takes away no security in all
    cases, you should go to GPGrelay's Global Control panel and
    enable "Always trust keys".

     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.