[Dovecot] OT: PGP signature verification (was: Re: [Q] IMAP update message header?)

Thomas Zajic zlatko at zlatko.fdns.net
Wed May 7 20:30:47 EEST 2008 

* Timo Sirainen, 2008-05-07 17:54

> On May 7, 2008, at 6:45 PM, Roderick A. Anderson wrote:
>> Looks like it will probably be a case of making a copy of the message 
>> adding the X-Header then copying/savinging it back as a new message 
>> and deleting the old.
> 
> How about just using keywords?


Does anybody know why all of Timo's mails that are sent with Apple Mail
show up as "OpenPGP: Error - signature verification failed; click Pen
icon for details" in Thunderbird 2.0.0.x/Enigmail 0.95.6?

The details just say:

| OpenPGP Security Info
| 
| Error - signature verification failed
| 
| gpg command line and output:
| /usr/local/bin/gpg --charset utf8  --batch --no-tty --status-fd 2 \
|   --keyserver-options auto-key-retrieve --keyserver subkeys.pgp.net --verify
| gpg: Signature made Mit 07 Mai 2008 17:54:30 CEST using DSA key ID 40558AC9
| gpg: BAD signature from "Timo Sirainen <tss at iki.fi>


OTOH, everything seems to be fine with Mutt 1.4.2.2i:

| [-- PGP output follows (current time: Mit 07 Mai 2008 18:28:17 CEST) --]                                                                  
| gpg: Signature made Mit 07 Mai 2008 17:54:30 CEST using DSA key ID 40558AC9                                                               
| gpg: Good signature from "Timo Sirainen <tss at iki.fi>"
| gpg: WARNING: This key is not certified with a trusted signature!                                                                    
| gpg:          There is no indication that the signature belongs to the owner.                                                             
| Primary key fingerprint: E643 F0BD FDCD 04D9 FFCB  6279 C948 5251 4055 8AC9                                                               
| [-- End of PGP output --]
| 
| [-- The following data is signed --]
| 
| On May 7, 2008, at 6:45 PM, Roderick A. Anderson wrote:                                                           
| >Looks like it will probably be a case of making a copy of the                                                                 
| >message adding the X-Header then copying/savinging it back as a new                                                                      
| >message and deleting the old.                                 
| 
| How about just using keywords?
| 
| 
| [-- End of signed data --]


Is it the way that Apple Mail includes the signature in some sort of pseudo
inline attachment that breaks TB's/Enigmail's MIME and/or PGP handling? Is
mutt more robust, tolerant and/or sophisticated in terms of handling PGP?
Just curious ...


Thanks,
Thomas

More information about the dovecot mailing list