> A "bad signature" _only shows one thing_: The message was modified > along the way from the signing process (at the senders computer) to > the verification process (at your computer).
It doesn't even show that. The modification can be in the signature, not the message -- meaning it's possible to have an entirely unchanged message, but still have a bad signature. A good signature verifies message integrity. A bad signature does not confirm tampering: it only states the integrity is not assured.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users