On 02/15/2015 04:12 PM, Stephan Beck wrote:
> Obviously, it indicates a key ID 0xBA4909B78F04DE1B and links to a key that is
> not the key the message was signed with (which is DE2FFC869AFA5165, according to
> Enigmail/gpg), even if the fingerprint is given as well.

Well, the 0xDE2FFC869AFA5165 key is a signing subkey of Xavier’s master key 0xBA4909B78F04DE1B. Indicating the master key (which is the one everyone needs to know about and sign) instead of the signing subkey is the correct thing to do. By downloading the master key from a keyserver, you will automatically fetch the signing subkey as well.

You seem to have misinterpreted Enigmail’s error message. When it says:

  Error - signature verification failed
  Public key DE2FFC869AFA5165 needed to verify signature

  BAD signature from Xavier Maillard <xav...@maillard.im>

the second line does not imply that the indicated key is not available. Enigmail displays such a line every time a signature verification fails, even when the indicated key *is* present in your keyring (which is somewhat misleading).

The important line is the third, which tells that Enigmail was in fact able to perform the verification (meaning it has the right key).

Now, I don’t know why the verification failed, but I do note, quite ironically, that this is an inline signature, while a previous message from Xavier, with a PGP/MIME signature from the same key, was verified correctly…

Damien
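
The distinction drawn in the message above (a BAD signature means the key was found and used, whereas a missing key is reported differently) is visible in GnuPG's machine-readable output from `gpg --status-fd 1 --verify`. The following is an added example, not part of the original message and not Enigmail's code; the function name, the verdict strings and the sample status lines (including the timestamp) are constructed for illustration, and only the GOODSIG, BADSIG, ERRSIG and NO_PUBKEY lines are handled.

```python
# Added example: classify GnuPG status-fd lines for one signature.
# Sample inputs below are constructed; key IDs are the ones quoted in the thread.
PREFIX = "[GNUPG:] "

def classify(status_text):
    """Return (verdict, key_id) for the status lines of a single signature."""
    verdict, key_id = "no-signature", None
    for line in status_text.splitlines():
        if not line.startswith(PREFIX):
            continue  # human-readable output, not a status line
        fields = line[len(PREFIX):].split()
        if not fields:
            continue
        tag, args = fields[0], fields[1:]
        if tag == "GOODSIG" and args:
            return "good", args[0]
        if tag == "BADSIG" and args:
            # The key was in the keyring and the check ran; the data does not match.
            return "bad-signature-key-present", args[0]
        if tag == "NO_PUBKEY" and args:
            verdict, key_id = "key-missing", args[0]
        elif tag == "ERRSIG" and len(args) >= 6 and verdict != "key-missing":
            # ERRSIG <keyid> <pkalgo> <hashalgo> <sigclass> <time> <rc>; rc 9 = no public key
            verdict = "key-missing" if args[5] == "9" else "cannot-check"
            key_id = args[0]
    return verdict, key_id

# Constructed sample: key present, signature does not verify (the case in this thread).
BAD_CASE = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] BADSIG DE2FFC869AFA5165 Xavier Maillard <xav...@maillard.im>\n"
)
# Constructed sample: the signing subkey is not in the keyring at all.
MISSING_CASE = (
    "[GNUPG:] ERRSIG DE2FFC869AFA5165 1 8 01 1424012345 9\n"
    "[GNUPG:] NO_PUBKEY DE2FFC869AFA5165\n"
)

if __name__ == "__main__":
    for name, sample in (("bad", BAD_CASE), ("missing", MISSING_CASE)):
        print(name, classify(sample))
```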


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
