In an attempt to learn more about the workings of gpg, I've been trying to verify emails from the command line.
These signatures are not signed, but mutt reports a good signature, but, of course, warning that they are not signed.. When I try to verify a saved message - one which has been reported as "good" from Mutt, gpg returns a "BAD" signature. I've tried saving the orig. msg attachment part as, say "body", and the sig attachment as "body.asc".. In fact, I've even been able to cat the two temp files to a screen, cut-and-paste these outputs to files, then cut the command from a ps listing (with filename edited) and still no go.. I can cleartext sign a file with my own key, and it comes back as "Good". In fact, another oddity to me -- The email message has to have the signature in a separate file or gpg tries to open another file, coming back with a filename not found error, and no signature found. But on my own signed file, it works with only the signed file.. and the filename different from the original. The signature that I generate looks identical to that at the end of an email, the length of the strings of characters is of identical length on both lines (different characters, of course), so it would appear that my sigs are of the same type as the emails.. Maybe this is not all that important, but it might prove helpful to be able to do this, and it seems as if it _should_ work. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
