On Wed, Oct 16, 2002 at 11:59:44AM -0500, David wrote: > In an attempt to learn more about the workings of gpg, I've been trying > to verify emails from the command line. > > These signatures are not signed, but mutt reports a good signature, but, > of course, warning that they are not signed.. > > When I try to verify a saved message - one which has been reported as > "good" from Mutt, gpg returns a "BAD" signature.
That's probably because the mail is encoded in e.g. quoted-printable.
When you save an attachment from mutt, mutt de-codes it first (so you
end up with plain text).
From mutt, try to (C)opy the message to /tmp/somefile, and look at it
there. You'll probably see things like "--=20" at the beginning of the
signature.
The authoritative source is probably rfc2015:
http://www.faqs.org/rfcs/rfc2015.html
which I believe mutt follows. It's quite a good read.
--
Karl E. Jørgensen
[EMAIL PROTECTED]
www.karl.jorgensen.com
==== Today's fortune:
Economics is extremely useful as a form of employment for economists.
-- John Kenneth Galbraith
pgpT0huX597mO.pgp
Description: PGP signature
