Am 08.05.25 09:55 schrieb(en) Werner Koch:
> Apparently Thunderbird (and maybe other MUA's, too?) *is* able to deal
> with this signature, including a warning if the message has been
> tampered with, whilst any application using the gpgsm through gpgme or
> directly isn't which of course is a pit
Am 06.05.25 12:14 schrieb(en) Werner Koch:
[snip]
This signature is a certificate-only message:
$ ~/b/libksba/tests/t-cms-parser SIG.bin
*** checking `SIG.bin' ***
identified as: signed data
stop reason: 2
ContentType: 1.2.840.113549.1.7.2
stop reason: 3
EncapsulatedContentType: 1.2.840.113549.1
Hi,
first, a happy new year 2025 to everybody!
Am 02.10.24 09:19 schrieb(en) Werner Koch:
[snip]
Thus libksba does not see the actual signature but only the
certificates. The data is handled as a kind of certs-only message but
that's of course wrong. I'll get back to you as soon as I have had
Hi all,
I stumbled over a S/MIME signed message where gpgsm seems to be unable to
extract the signers and to verify the signature. Using the attached signature
blob and a dummy “message” part, gpgsm says just
$ gpgsm --debug-level basic --verify SIG.bin dummy.txt
gpgsm: enabled debug flags:
