[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possible GPG bugs or misfeatures

From: Werner Koch
Subject: Re: Possible GPG bugs or misfeatures
Date: Tue, 01 Mar 2005 12:14:37 +0100
User-agent: Gnus/5.1007 (Gnus v5.10.7) Emacs/21.3 (gnu/linux)


Your mail has been forwarded to me.

> From: "Luedde, Mirko" <address@hidden>

> * the `--verify' option can be combined with `--output', but the
>   latter has no effect.=20

--verify does not output the message itself.  If you need that, you
should call gpg without --verifty.  The default is to verify or
decrypt the message.

> * the `--decrypt' option can be applied to signed but unencrypted
>   files and strips the signature from the file. however, if the file
>   is corrupted, gpg will not notice that the signature does not match
>   the content.

Just did a test and I either can't replicate that or I did not
understand the problem:

  $ gpg --decrypt <x.asc
  Linux wheatstone 6.0.0 #9 Sun Mar 1 15:15:11 CET 2005 i686 GNU/Linux
  The programs included with the Debian GNU/Linux system are free software;
  the exact distribution terms for each program are described in the
  individual files in /usr/share/doc/*/copyright.
  Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
  permitted by applicable law.
  gpg: Signature made Tue Mar  1 12:01:22 2005 CET using DSA key ID 010A57ED
  gpg: please do a --check-trustdb
  gpg: BAD signature from "Werner Koch <address@hidden>"

I created the message using

   gpg --clearsign </etc/motd >x.asc

and modified it. Same when using binary signatures.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]