On Mon, Feb 05, 2001 at 09:46:27AM -0500, Nollaig MacKenzie wrote:
>
>On 2001.02.05 08:34:45, you,
> the extraordinary Åsmund Skjæveland, opined:
>
>> > I don't like to automatically check signatures on message opens,
>> > but I'd like to be able to do it manually, yet I can't find a
>> > command to do this.
>> >
>> > I'm not talking about setting pgp_verify_sig but rather a command
>> > that I can issue to do this at any time while viewing the message.
>>
>> Press "|" (pipe to command) and type "gpg --verify"?
>>
>
>
>Curiously, this gives a different result from the check
>done by Mutt's invocation of GPG;
>
>Mutt gets:
>
>gpg: Signature made Mon Feb 5 02:34:45 2001 EST using DSA key ID 54B975CE
>gpg: Good signature from "Åsmund Skjæveland <[EMAIL PROTECTED]>"
>gpg: aka "Åsmund Skjæveland <[EMAIL PROTECTED]>"
>gpg: aka "Åsmund Skjæveland <[EMAIL PROTECTED]>"
>gpg: WARNING: This key is not certified with a trusted signature!
>gpg: There is no indication that the signature belongs to the owner.
>
>Piping gets:
>
>gpg: Signature made Mon Feb 5 02:34:45 2001 EST using DSA key ID 54B975CE
>gpg: BAD signature from "Åsmund Skjæveland <[EMAIL PROTECTED]>"
>
>
>Well, maybe not so curious; gpg-2comp does do some work....
By default, Mutt makes the body of a signed email quoted-printable, so
the contents will not be equivalent. If you check the raw msg w/ GPG,
it will be different than checking the decoded message. I'm not 100%
sure, but I think that's why the signature will check OK w/ Mutt's
functions, but fail on piping the msg into gpg --verify.
--
Oooooo-oooo-oooo-ooooo, Oooooo-oooo-oooo-ooooo, Ooooo-weem-oh-wum-ooo-ayyy
In the jungle, the silicon jungle, the process sleeps tonight.
Joe Philipps <[EMAIL PROTECTED]>, http://www.philippsfamily.org/Joe/
public PGP/GPG key 0xFA029353 available via http://www.keyserver.net
PGP signature
