| 1 |
On Sunday 18 Sep 2016 11:47:05 Ian Zimmerman wrote: |
| 2 |
> On 2016-09-18 18:34, Mick wrote: |
| 3 |
> > > http://marc.info/?l=mutt-users&m=147417981514310&w=2 |
| 4 |
> > > |
| 5 |
> > > So, what's going on? This would seem to be a Big Deal [TM]. |
| 6 |
> > |
| 7 |
> > The way some clients attach gpg signatures (in line, or multipart) |
| 8 |
> > makes a difference, depending on the receiving mail client. |
| 9 |
> |
| 10 |
> It's happening with multipart/signed messages, which to me implies that |
| 11 |
> what I extract is exactly, byte by byte, what was attached and signed. |
| 12 |
> |
| 13 |
> > I have seen bad signatures in this M/L but it is not a regular |
| 14 |
> > occurrence. |
| 15 |
> |
| 16 |
> Your own message re: TaskCoach fails to verify, and that's what prompted |
| 17 |
> me to post about it here. |
| 18 |
|
| 19 |
Failing to verify is not the same as bad signature. It may fail to verify if |
| 20 |
the keyservers are unreachable by the client. This could be because of traffic, |
| 21 |
DDoS attacks, etc. |
| 22 |
-- |
| 23 |
Regards, |
| 24 |
Mick |
Archives