On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote: > Hi, > > one can sign the message with "--clearsign" option which adds ASCII > armored(Radix-64 encoding) "PGP signature" at the end of the text. > This "PGP signature" contains the UID of the signer, timestamp and key > ID. However, two questions: > > 1) Where is the UID of the signer, timestamp of the signature and > signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm > able to see the UID of the signer, timestamp and signer key-ID, but if > I decode the Radix-64/base64 data back to binary(base64 -d) and use > "hexdump -C" to analyze this data, I do not see the UID, timestamp or > signer key-ID. > > 2) What exactly is this "PGP signature"? Is it a SHA1 hash of the > message which is encrypted with my private key and then ASCII armored?
According to http://openpgp.org/technical/ the OpenPGP standard is RFC 4880. So, as your question is quite technical, you should be able to find your answer here : http://www.ietf.org/rfc/rfc4880.txt Sorry for not being able to help you more! Leo _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
