> > OK then only check that the thingy bellow ----BEGIN PGP SIGNATURE--- > > is a valid signature. That should be quick. > I think validate = verify.
It does not need to be the same. For example it does not need to have the public key of the one signing, nor it needs to calculate the hash for the body of the message. It would need to check that the strings between BEGIN and END is in a proper format that belongs tp PGP, even if PGP cannot finish validating the signed text. Olivier _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
