key-test

Ewan Mac Mahon ewan at macmahon.me.uk
Fri Mar 17 17:09:45 UTC 2006


On Thu, Mar 16, 2006 at 09:35:26PM -0500, Darryl Clarke wrote:
> On 16/03/06, C Hamel <yogich at sc2000.net> wrote:
> > In past msgs my signing keys (two of them) come back bad on this list & good
> > when I send to myself.  These keys have been around the block, imported to a
> > couple previous Dapper builds, and worked okay. This is only a key-test.
> > Sorry for any inconvenience... I have re-imported & will file a bug if they
> > come back as bad.
> 
> You need to sign the content/message body itself (see many other users
> on this list) and not attach a signature.
> 
Inline signing is usually considered to be deprecated - it's certainly
the older way of doing things and has a number of problems. PGP/MIME is
the way to go for new applications.

> When any spam, av, maillist daemons add stuff to your messages it will
> invalidate the attached signature.
>
That's only true if they add it to the body, which is a huge no-no. They
can alter the headers or add extra mime parts without breaking the
signatures. This sort of behaviour is grounds for complaing to the ISP
to stop mucking about with your traffic, or if possible, changing to one
that doesn't deliberately break perfectly sane applications. They're
being paid to move data around and there's no excuse for mangling it in
the process.

The OP might be able to use another server (maybe the gmail one?) for
sending their outgoing email through that would avoid their ISP's
brain-dead systems.

Ewan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060317/30779115/attachment.pgp>


More information about the ubuntu-users mailing list