RE: BAD signatures for GnuPG Stable

2016-01-28 Thread Steve Butler
Ehrlich) -Original Message- From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Ingo Klöcker Sent: Thursday, January 28, 2016 11:52 AM To: gnupg-users@gnupg.org Subject: Re: BAD signatures for GnuPG Stable On Thursday 28 January 2016 09:31:31 Aaron Tovo wrote: > Thanks f

Re: BAD signatures for GnuPG Stable

2016-01-28 Thread Ingo Klöcker
On Thursday 28 January 2016 09:31:31 Aaron Tovo wrote: > Thanks for the info. > > Today I re-downloaded the .bz2 and .sig. And the verification worked > (see output below). I did file diffs between the new and the previous > downloads with 'diff' and they are identical. So I tried verify on the >

Re: BAD signatures for GnuPG Stable

2016-01-28 Thread Peter Lebbing
On 2016-01-28 16:31, Aaron Tovo wrote: I did file diffs between the new and the previous downloads with 'diff' and they are identical. So I tried verify on the previous download and it worked this time. Very confusing. My guess is that sharp-eyed Damien Goutte-Gattat was correct and you were

Re: BAD signatures for GnuPG Stable

2016-01-28 Thread Aaron Tovo
Thanks for the info. Today I re-downloaded the .bz2 and .sig. And the verification worked (see output below). I did file diffs between the new and the previous downloads with 'diff' and they are identical. So I tried verify on the previous download and it worked this time. Very confusing. I've al

Re: BAD signatures for GnuPG Stable

2016-01-28 Thread Aaron Tovo
Probably. Although I did get a failure when using both parameters, but it was a different error message. $ gpg --verify libgpg-error-1.21.tar.bz2.sig libgpg-error-1.21\(1\).tar.bz2 gpg: can't open `libgpg-error-1.21.tar.bz2.sig' gpg: verify signatures failed: file open error But I was also renam

Re: BAD signatures for GnuPG Stable

2016-01-28 Thread stebe
Hi, > Aaron Tovo wrote on 28 January 2016 at 06:12: > I re-downloaded sig file and it still fails the gpg --verify test. > > $ gpg --verify libgpg-error-1.21.tar.bz2.sig gpg: Signature made Sat 12 > Dec 2015 06:03:30 AM CST using RSA key ID 4F25E3B6 > gpg: BAD signature from "Werne

Re: BAD signatures for GnuPG Stable

2016-01-28 Thread Damien Goutte-Gattat
On 01/28/2016 06:12 AM, Aaron Tovo wrote: I downloaded libgpg-error-1.21.tar.bz2 again today and it has the correct size (763186) -rw-rw-r-- 1 aaron aaron 763186 Jan 27 22:53 libgpg-error-1.21(1).tar.bz2 I re-downloaded sig file and it still fails the gpg --verify test. Is the old libgpg-

Re: BAD signatures for GnuPG Stable

2016-01-27 Thread Antony Prince
On 1/28/2016 12:45 AM, Antony Prince wrote: > F:\Downloads>gpg --version > gpg (GnuPG) 2.1.10 I also just realized that you said BAD signature with gnupg _stable_ and my test was not with stable. My apologies. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C

Re: BAD signatures for GnuPG Stable

2016-01-27 Thread Robert J. Hansen
> Could this be some kind of man-in-the-middle attack? I don't recall > having seen a signature fail like this before. MitM is theoretically possible, but unlikely: an attacker would have to be both technically sophisticated and profoundly stupid. It's far more likely there's an innocuous explana

Re: BAD signatures for GnuPG Stable

2016-01-27 Thread Antony Prince
On 1/28/2016 12:12 AM, Aaron Tovo wrote: > It's definitely not an ASCII file (having taken a peek at its content). > > I downloaded libgpg-error-1.21.tar.bz2 again today and it has the > correct size (763186) > > -rw-rw-r-- 1 aaron aaron 763186 Jan 27 22:53 libgpg-error-1.21(1).tar.bz2 > > I

Re: BAD signatures for GnuPG Stable

2016-01-27 Thread Aaron Tovo
> Behalf Of Aaron Tovo > Sent: Tuesday, January 26, 2016 8:45 PM > To: gnupg-users@gnupg.org > Subject: Re: BAD signatures for GnuPG Stable > > Interesting. The file I downloaded is actually larger than what it should be! > > -rw-rw-r-- 1 aaron aaron 855815 Jan 25 21:44 libgp

RE: BAD signatures for GnuPG Stable

2016-01-27 Thread Steve Butler
: BAD signatures for GnuPG Stable Interesting. The file I downloaded is actually larger than what it should be! -rw-rw-r-- 1 aaron aaron 855815 Jan 25 21:44 libgpg-error-1.21.tar.bz2 On 01/26/2016 03:26 AM, Werner Koch wrote: > On Tue, 26 Jan 2016 05:41, aaront...@gmail.com said: > &g

Re: BAD signatures for GnuPG Stable

2016-01-26 Thread Aaron Tovo
Interesting. The file I downloaded is actually larger than what it should be! -rw-rw-r-- 1 aaron aaron 855815 Jan 25 21:44 libgpg-error-1.21.tar.bz2 On 01/26/2016 03:26 AM, Werner Koch wrote: > On Tue, 26 Jan 2016 05:41, aaront...@gmail.com said: > >> $ gpg --verify libgpg-error-1.21.tar.bz2.s

Re: BAD signatures for GnuPG Stable

2016-01-26 Thread Werner Koch
On Tue, 26 Jan 2016 05:41, aaront...@gmail.com said: > $ gpg --verify libgpg-error-1.21.tar.bz2.sig libgpg-error-1.21.tar.bz2 > gpg: Signature made Sat 12 Dec 2015 06:03:30 AM CST using RSA key ID > 4F25E3B6 > gpg: BAD signature from "Werner Koch (dist sig)" Please check the length of the file to