On Mon, 23 Apr 2007 11:44, [EMAIL PROTECTED] said:
> I guess the tool does so to avoid creating temporary files.
> In facts, it pipes faked clearsigned messages to gpg's stdin.
>
> What would you suggest it should do instead?
Use two file descriptors. Or use gpgme which makes this much easier.
Werner Koch wrote:
> On Sat, 21 Apr 2007 21:12, [EMAIL PROTECTED] said:
>
>> Disagreement happens after the tool combines text and
>> signature into a unique file. I reproduced it as follows:
>
> The simple answer is: You can't do that. Clearsigned messages are
> different from detached signatur
On Sat, 21 Apr 2007 21:12, [EMAIL PROTECTED] said:
> Disagreement happens after the tool combines text and
> signature into a unique file. I reproduced it as follows:
The simple answer is: You can't do that. Clearsigned messages are
different from detached signatures.
Shalom-Salam,
Werner
Hi,
I've installed a tool to verify signed mail, enigmail,
that signals lots of bad signatures, using gpg. When
I verified those messages "manually" they were all ok.
Disagreement happens after the tool combines text and
signature into a unique file. I reproduced it as follows:
D:\tmp>gpg --ver
