[opensuse] [OT] My PGP Signature
Sorry for this OT post. Tamas Sarga from the list send me a private mail saying that my PGP signature is not verifying properly for him lately. However, it verifies fine on my local side. Is any one else see this? Thanks in advance. Charles
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Charles philip Chan wrote: | Sorry for this OT post. Tamas Sarga from the list send me a private mail | saying that my PGP signature is not verifying properly for | him lately. However, it verifies fine on my local side. Is any one else see | this? It verifies fine here, using factory and Thunderbird. - -- Cheers / Saludos, Carlos E. R. (from 11.0-factory) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAkgLlYEACgkQU92UU+smfQUTZwCfR1raVIY+/2FP6a/5xo2BJGOo w4wAniw1HV71Fu3rj9Gzd6W8Ybr9beo2 =RoU2 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Charles philip Chan wrote:
| "Carlos E. R."
On Sunday 20 April 2008 21:22, Tamas Sarga wrote:
Charles philip Chan wrote: | "Carlos E. R."
| writes: | | Hi Carlos: |> It verifies fine here, using factory and Thunderbird. | | Thanks, for checking it for me. @Tamas, it looks like the problem is on | your side. | | Cheers | | Charles Hi, It starts to be very confusing, because this mail fails. Maybe Thunderbird handle replies with quotes incorrect, but I've never noticed this behaviour.
If it's bad only at my side, then sorry for disturbing again.
Cheers, Tamas Sarga
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown. but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad. Odd.....
Rikard Johnels schreef:
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown.
but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad.
Odd.....
Same here -- Jos van Kan registered Linux user #152704 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Rikard Johnels
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown.
but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad.
Hum, this is getting stranger by the minute. I don't know why it works one time and not the other. Charles
On Monday 21 April 2008 04:07:04 am Charles philip Chan wrote:
Rikard Johnels
writes:
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown.
but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad.
Hum, this is getting stranger by the minute. I don't know why it works one time and not the other.
Charles
I don't know much about gpg, so I don't know is any problem that my kgpg imported 2 keys with the same value 229BC0F6. -- Regards, Rajko http://en.opensuse.org/Portal needs helpful hands. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, Apr 21, 2008 at 5:19 PM, Rajko M.
On Monday 21 April 2008 04:07:04 am Charles philip Chan wrote:
Rikard Johnels
writes:
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown.
but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad.
Hum, this is getting stranger by the minute. I don't know why it works one time and not the other.
Charles
I don't know much about gpg, so I don't know is any problem that my kgpg imported 2 keys with the same value 229BC0F6.
Two keys , or one key with multiple subkeys? -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 April 2008 07:49:42 pm John Andersen wrote:
On Mon, Apr 21, 2008 at 5:19 PM, Rajko M.
wrote: On Monday 21 April 2008 04:07:04 am Charles philip Chan wrote:
Rikard Johnels
writes:
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown.
but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad.
Hum, this is getting stranger by the minute. I don't know why it works one time and not the other.
Charles
I don't know much about gpg, so I don't know is any problem that my kgpg imported 2 keys with the same value 229BC0F6.
Two keys , or one key with multiple subkeys?
KGpg 1.2.2 (KDE 3.5.9-57.3). When I expand all items, I can see: 1) main line with key, 2) than 2 lines with the same key that start with signature icon, 3) than ElGamal subkey that has different value and 4) one more line that belongs to subkey starting with signature icon and the same key as the first 3 lines. Total is five lines. Other keys have 4 lines, unless user has more signatures, ie. in 2) I don't see 2 lines in other signatures. The entry is imported from the key server. -- Regards, Rajko http://en.opensuse.org/Portal needs helpful hands. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 21 Apr 2008 17:49:42 -0700
"John Andersen"
On Mon, Apr 21, 2008 at 5:19 PM, Rajko M.
wrote: On Monday 21 April 2008 04:07:04 am Charles philip Chan wrote:
Rikard Johnels
writes:
The first mail from Charles gave me a valid signature, Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). The signature is valid, but the key's validity is unknown.
but the second did not. Message was signed by cpchan@sympatico.ca (Key ID: 0xDDEA4FCB229BC0F6). Warning: The signature is bad.
Hum, this is getting stranger by the minute. I don't know why it works one time and not the other.
Charles
I don't know much about gpg, so I don't know is any problem that my kgpg imported 2 keys with the same value 229BC0F6.
Two keys , or one key with multiple subkeys?
I am also showing Charles' signature as bad using claws-mail. His key
value in my keyring is:
gaf@gaf:~> gpg --list-keys 0xDDEA4FCB229BC0F6
pub 1024D/229BC0F6 2002-11-27
uid Charles Philip Chan
Charles philip Chan wrote:
Sorry for this OT post. Tamas Sarga from the list send me a private mail saying that my PGP signature is not verifying properly for him lately. However, it verifies fine on my local side. Is any one else see this?
Thunderbird tells me your public key isn't on hand, and asks if I want
to import it from a keyserver.
When I do, TB tells me: UNTRUSTED Good signature from Charles Philip
Chan
Jerry Houston
Thunderbird tells me your public key isn't on hand, and asks if I want to import it from a keyserver.
When I do, TB tells me: UNTRUSTED Good signature from Charles Philip Chan
OK, I think I know what is happening now. Thunderbird is probable trying to import a key from cpchan@sympatico.ca which is of course not my real posting address (I am reading this list as a Gmane Usenet group with Gnus). The reason why it verifies fine for Carlos is because he has my pgp key in his keyring from a long time ago. I guess I need to generate a key for my Gmane address and use that address for posting. Charles
On Sun, Apr 20, 2008 at 12:31 PM, Charles philip Chan
Jerry Houston
writes: Thunderbird tells me your public key isn't on hand, and asks if I want to import it from a keyserver.
When I do, TB tells me: UNTRUSTED Good signature from Charles Philip Chan
OK, I think I know what is happening now. Thunderbird is probable trying to import a key from cpchan@sympatico.ca which is of course not my real posting address (I am reading this list as a Gmane Usenet group with Gnus). The reason why it verifies fine for Carlos is because he has my pgp key in his keyring from a long time ago.
I guess I need to generate a key for my Gmane address and use that address for posting.
Charles
As far as thunderbird is concerened you are posting from cpchan@sympatico.ca as that is the only header it sees. Jerry's post, (quoted above) is the expected norm. It found the key, but the key is untrusted (by Jerry). If he signs it it will become trusted. (It would be silly for Jerry to sign it based on this list). -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2008-04-20 at 15:31 -0400, Charles philip Chan wrote:
Jerry Houston <> writes:
Thunderbird tells me your public key isn't on hand, and asks if I want to import it from a keyserver.
When I do, TB tells me: UNTRUSTED Good signature from Charles Philip Chan <>
That's correct.
OK, I think I know what is happening now. Thunderbird is probable trying to import a key from cpchan@sympatico.ca which is of course not my real posting address (I am reading this list as a Gmane Usenet group with Gnus). The reason why it verifies fine for Carlos is because he has my pgp key in his keyring from a long time ago.
Nop. Not this time. I was in Factory, using Thunderbird, and I had to import it because Factory is not what I normally use. Now I'm using 10.3, and unfortunately with Alpine I can not check detached signatures as the one you use.
I guess I need to generate a key for my Gmane address and use that address for posting.
No, even if you use a key for a different address that the one you use to post, it would verify. In any case, you know that you can add several addresses (IDs) to the same key. Just add it, then republish it. Having the incorrect ID only makes it more difficult for us to retrieve your key: when we search for an address, we wouldn't find the key for that address. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIC7xktTMYHG2NR9URAkvYAJwLJD5qAXEvGx58yKrrmLVpN0YAjwCdEzYV efTDRXfLyOfjPcL8obfbkeI= =v0hl -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 20 April 2008 02:31:55 pm Charles philip Chan wrote:
Jerry Houston
writes: Thunderbird tells me your public key isn't on hand, and asks if I want to import it from a keyserver.
When I do, TB tells me: UNTRUSTED Good signature from Charles Philip Chan
OK, I think I know what is happening now. Thunderbird is probable trying to import a key from cpchan@sympatico.ca which is of course not my real posting address (I am reading this list as a Gmane Usenet group with Gnus). The reason why it verifies fine for Carlos is because he has my pgp key in his keyring from a long time ago.
I guess I need to generate a key for my Gmane address and use that address for posting.
I use KMail and although key is in the list, this message signature is declared invalid. The first one is OK. -- Regards, Rajko http://en.opensuse.org/Portal needs helpful hands. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Apr 20, 2008 at 11:57 AM, Charles philip Chan wrote:
Sorry for this OT post. Tamas Sarga from the list send me a private mail saying that my PGP signature is not verifying properly for him lately. However, it verifies fine on my local side. Is any one else see this?
Thanks in advance.
It doesn't verify for me either, but part of that is the way you are attaching it prevents it from being automatically detected by the FireGPG plug in for Firefox. (I read this list from gmail). Carlos's sig is attached properly, but his is always reported as invalid. - -- - ----------JSA--------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: http://getfiregpg.org iD8DBQFIC5YZv7M3G5+2DLIRAhTVAKCeBZ/Y7aKEmRlom2L2ONeh20HSfACfakXb oWk7kJsLp9HoJKTpRClqhHs= =9ZsK -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
"John Andersen"
It doesn't verify for me either, but part of that is the way you are attaching it prevents it from being automatically detected by the FireGPG plug in for Firefox. (I read this list from gmail).
OK it seems like FireGPG does not support pgp-mime: http://www.ietf.org/rfc/rfc2015.txt You should really put in a feature request. Carlos is using PGP inline. Charles
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2008-04-20 at 15:42 -0400, Charles philip Chan wrote:
It doesn't verify for me either, but part of that is the way you are attaching it prevents it from being automatically detected by the FireGPG plug in for Firefox. (I read this list from gmail).
OK it seems like FireGPG does not support pgp-mime:
http://www.ietf.org/rfc/rfc2015.txt
You should really put in a feature request. Carlos is using PGP inline.
Yep, I have to sign inline when using Alpine, I have random issues related to the charset. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIC70UtTMYHG2NR9URAo8QAJsEniVd9UT5YcylbPk/2GU6yjMm5QCgieM8 2qReWml3UWY46XvMj8FvMKE= =EXLR -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Charles philip Chan wrote: | Sorry for this OT post. Tamas Sarga from the list send me a private mail | saying that my PGP signature is not verifying properly for | him lately. However, it verifies fine on my local side. Is any one else see | this? | | Thanks in advance. | | Charles | Hi, Now it's good, but if I want to check your previous mail in the Windows vs. Suse OO docuent file size thread, it couldn't be verified. Cheers, Tamas Sarga -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFIC5YnsuVyj8v2Zy4RAv3NAJ9avJG+VWLpKdNLcm0pxgxj0NyZMQCeNS4R q56E02KqRyf4Vsz7XhvtydA= =CWwc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, Apr 20, 2008 at 11:57 AM, Charles philip Chan
Sorry for this OT post. Tamas Sarga from the list send me a private mail saying that my PGP signature is not verifying properly for him lately. However, it verifies fine on my local side. Is any one else see this?
Thanks in advance.
Charles
The way you attach the key makes it necessary to Download it first to a file, then read in that file with kgpg (if using kde). At which time Kgpg complains that decryption failed: [GNUPG:] GET_LINE detached_signature.filename [GNUPG:] GOT_IT [GNUPG:] GET_LINE detached_signature.filename [GNUPG:] GOT_IT [GNUPG:] GET_LINE detached_signature.filename [GNUPG:] GOT_IT [GNUPG:] GET_LINE detached_signature.filename [GNUPG:] GOT_IT [GNUPG:] GET_LINE detached_signature.filename gpg: signal Hangup caught ... exiting So I think the method of attachment may be corrupting the file somehow, and some users tools do a better job of figuring this out. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Charles philip Chan wrote: | Sorry for this OT post. Tamas Sarga from the list send me a private mail | saying that my PGP signature is not verifying properly for | him lately. However, it verifies fine on my local side. Is any one else see | this? | | Thanks in advance. Your key imported just fine. Fred - -- Q: what's the difference between a teddy bear and Steve Ballmer? A: they both have sawdust for brains but one is smart enough to ~ keep his mouth shut. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFIC6L8yWx1yup5ZvARAuNHAJ4kdUfEBI6qw8NJvgoRMjRVpnhZ5ACeME3H FShWkYwdrXTogvtMgFhSnEE= =zWgi -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 20 April 2008, Charles philip Chan wrote:
Sorry for this OT post. Tamas Sarga from the list send me a private mail saying that my PGP signature is not verifying properly for him lately. However, it verifies fine on my local side. Is any one else see this?
Thanks in advance.
Charles
Well i get this at the top of your messages .. Message was signed with unknown key 0xCBF6672E. The validity of the signature cannot be verified. also from Carlos E R same thing never really took anty notice of it just a darn silly yellow border to the message .. -- SuSE Linux 10.3-Alpha3. (Linux is like a wigwam - no Gates, no Windows, and an Apache inside.) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2008-04-20 at 21:13 +0100, peter nikolic wrote:
never really took anty notice of it just a darn silly yellow border to the message ..
There was a period when a chap impersonated posters in one of the list, so I had to use signatures. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIC76gtTMYHG2NR9URAj6IAJ0Uq3a27bkhKOuyRkMr3CbjHH9/IACcDd9h m/2Sn+lEaO1kojeUWccZGtE= =Wh43 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 20 April 2008, Carlos E. R. wrote:
The Sunday 2008-04-20 at 21:13 +0100, peter nikolic wrote:
never really took anty notice of it just a darn silly yellow border to the message ..
There was a period when a chap impersonated posters in one of the list, so I had to use signatures.
-- Cheers, Carlos E. R.
Hi Carlos .. Yes it's noy a problem this end i dont really notice things like colors when rading the mail there are actuall probably about 8 or 9 people in total that show up but no problem , I did look at signing my mails as well but never got it sused out so never bothered . Pete . -- SuSE Linux 10.3-Alpha3. (Linux is like a wigwam - no Gates, no Windows, and an Apache inside.) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Sunday 2008-04-20 at 21:13 +0100, peter nikolic wrote:
never really took anty notice of it just a darn silly yellow border to the message ..
There was a period when a chap impersonated posters in one of the list, so I had to use signatures.
I have need of it now and then as well. Recently, an ISP/domain has begun to filter ALL employee mail at an UNBELIEVABLE level for SPAM. Thus, even some things I've sent this individual concerning MickySoft were bounded. The part is forced to use XP, but that didn't stop the installation of PGP. Now, with private keys, and some effort on my part as I have to send a separate message, I disguise the subject and encrypt the mail both directions. I can't believe the ignorance and stupidity of young management and bean counters in my Country! God save us from these morons!!! Fred -- Linux is an old Latin word meaning, "I don't have to support your Windows anymore." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 04/21/2008 02:57 AM, Charles philip Chan wrote:
Sorry for this OT post. Tamas Sarga from the list send me a private mail saying that my PGP signature is not verifying properly for him lately. However, it verifies fine on my local side. Is any one else see this?
Using Thunderbird 2.0.0.12 with Enigmail, and it says there is a problem
with the signature.
OpenPGP Security Info
Error - signature verification failed
gpg command line and output:
/usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2
--keyserver-options auto-key-retrieve --keyserver wwwkeys.us.pgp.net
--verify
gpg: Signature made Mon 21 Apr 2008 02:57:38 AM PHT using DSA key ID
229BC0F6
gpg: BAD signature from "Charles Philip Chan
participants (12)
-
Carlos E. R.
-
Charles philip Chan
-
Fred A. Miller
-
Jerry Feldman
-
Jerry Houston
-
Joe Morris
-
John Andersen
-
Jos van Kan
-
peter nikolic
-
Rajko M.
-
Rikard Johnels
-
Tamas Sarga