1 |
On Sunday 18 Sep 2016 10:10:02 Ian Zimmerman wrote: |
2 |
> I noticed a lot of gpg signed mail on mailing lists fails signature |
3 |
> verification lately, including this list. (Others: lkml, haskell-cafe, |
4 |
> mutt-users, even oss-security.) |
5 |
> |
6 |
> It's not just me: quite a few others seem to have made the same |
7 |
> observation. Please see the latest thread on mutt-users: |
8 |
> |
9 |
> http://marc.info/?l=mutt-users&m=147417981514310&w=2 |
10 |
> |
11 |
> Note that it is _not_ a mutt problem: one gets the same "BAD signature" |
12 |
> result from a bare gpg run on the extracted message part. |
13 |
> |
14 |
> So, what's going on? This would seem to be a Big Deal [TM]. |
15 |
|
16 |
The way some clients attach gpg signatures (in line, or multipart) makes a |
17 |
difference, depending on the receiving mail client. I have seen bad signatures |
18 |
in this M/L but it is not a regular occurrence. |
19 |
|
20 |
-- |
21 |
Regards, |
22 |
Mick |