[ALUG] Slightly OT for the list: - GPG bad signature

mick mbm at rlogin.net
Tue Jan 19 16:37:11 GMT 2016


Hi Guys

Steve tells me that he had a problem with my last email to the list
(Re: Rural Broadband). He got a bad signature from GPG. 

In a follow up exchange off list Steve said:

"Here's what gpg says:

---
$ gpg -v --verify signature.asc msg
gpg: armor header: Version: GnuPG v2.0.22 (GNU/Linux)
gpg: Signature made Tue 19 Jan 2016 14:04:01 GMT using RSA key ID
5BADD312 gpg: using PGP trust model
gpg: BAD signature from "Mick Morgan (Mick's new 4096 bit key)
<mick at rlogin.net>" [unknown] gpg: textmode signature, digest algorithm
SHA256, key algorithm rsa4096 --"

Ive been using this key since the middle of 2012. I have also been
using claws (with PGP/MIME enabled) as my MUA for ages. There seem to
be a couple of reasons why GPG should complain. The most obvious is
that the email has been changed after signature. Paranoia aside, this
can easily happen if the MUA (at either end?) changes the mail by
wrapping at a particular line length. Another possible reason is that
my signature key length (4096 bits) is too long for the recipient's
system to handle correctly.

But as I say, I have been using the current key for nearly four years
now, so my question is, has anyone else seen this problem with my
signature? And does anyone know what may be going on here?

Cheers

Mick  

---------------------------------------------------------------------

 Mick Morgan
 gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
 http://baldric.net

---------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.alug.org.uk/pipermail/main/attachments/20160119/e6e4261e/attachment.sig>


More information about the main mailing list