| 1 |
On Monday 19 Sep 2016 13:37:43 Ian Zimmerman wrote: |
| 2 |
> On 2016-09-18 10:10, Ian Zimmerman wrote: |
| 3 |
> > Note that it is _not_ a mutt problem: one gets the same "BAD |
| 4 |
> > signature" result from a bare gpg run on the extracted message part. |
| 5 |
> |
| 6 |
> I have to retract this. So far everyone who reported this runs mutt; |
| 7 |
> and my evidence in the other direction, given above, is laughably wrong |
| 8 |
> (the signature is not computed that way, but on trasformed data as |
| 9 |
> specified by RFC 3156). |
| 10 |
> |
| 11 |
> So yes, it looks a lot like a flea. |
| 12 |
|
| 13 |
Whenever I tried to get gnupg running with mutt I came across some problem or |
| 14 |
another, but didn't have time to look into it further. From what I recall |
| 15 |
signatures showing up as bad was one of them, but could be mistaken (this was |
| 16 |
some months ago). |
| 17 |
|
| 18 |
|
| 19 |
> > So, what's going on? This would seem to be a Big Deal [TM]. |
| 20 |
> |
| 21 |
> Still surprised by the lack of urgency. I'm pretty much dropping |
| 22 |
> everything until I can fix this. |
| 23 |
|
| 24 |
I'd be interested to find out how I can manually extract the contents of a |
| 25 |
message and verify it manually. I followed page 5 of RFC 3156, but it is |
| 26 |
showing Bad signature. :-/ |
| 27 |
|
| 28 |
-- |
| 29 |
Regards, |
| 30 |
Mick |
Archives