[ale] GnuPG puzzle (Was: Re: Real puzzler)

Michael B. Trausch fd0man at gmail.com
Thu Apr 27 13:36:38 EDT 2006


On Thu April 27 2006 10:59, Sean Kilpatrick wrote:
> Message was signed on 04-27-2006 10:59 with unknown key
> 0x99A52AB04F8EA1B9. The validity of the signature cannot be verified.
> Status: No public key to verify the signature
>

This is what I get, reading your message... this means that I do not have 
your public key.  It shows that you signed it at the same time the e-mail 
was timestamped (10:59:30).

>   On Thursday 27 April 2006 03:25, Michael B. Trausch wrote:
> | Signature digest conflict?! ?What in the world does that mean?
> | ?(Question for the other gpg users out there: ?Does anybody else see
> | this when they attempt to verify my key, and does anybody else know
> | what in the world that means?)
>
> Michael,
>
> I use Kmail and at the top of your message, Kmail has added this:
>
> ?
> Message was signed with unknown key 0xD2413F2019C59A30.
> The validity of the signature cannot be verified.
> Status: No public key to verify the signature ?{the last
> seven words are in italics.}
>
> Now I _think_ that means that I do not have your public key on my
> keyring. But is that your key? ?I ask because I once encrypted a
> file on this box with the _wrong_ key (I wasn't paying attention
> when the software asked me if the selected key was the correct key.)
> If I hadn't had another copy of the file stashed away I would have
> been in a terrible mess.
>

That is, in fact, my key for this address.  I have two keys -- this one 
covers this address, and I have another one for my school address.

*sigh*  Weird.  I'd still like to know why KMail is saying that I'm signing 
using an SHA-1 hash, and not the RIPEMD160 that I should be using.

	- Mike

> Sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available




More information about the Ale mailing list