> A "bad signature" _only shows one thing_: The message was modified 
> along the way from the signing process (at the senders computer) to 
> the verification process (at your computer).

It doesn't even show that.

The modification can be in the signature, not the message -- meaning
it's possible to have an entirely unchanged message, but still have a
bad signature.

A good signature verifies message integrity.  A bad signature does not
confirm tampering: it only states the integrity is not assured.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to