-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
on Fri, Nov 21, 2003 at 05:36:48PM +0100, Christian Schnobrich (schnobs@babylon-kino.de) wrote:
> On Fri, 2003-11-21 at 14:49, smurfd wrote:
>
> > Have a little faith in the debian folks!
> > I sure do!
> > What i dont trust, is some one claiming such things, and not having a
> > @debian.org mailadress :)
>
> Me too.
>
> On top of that, I won't trust any email in this matter (as I don't know
> how to check the validity of digitally signed mail).
Install mutt ;-)
*Most* GNU/Linux mail clients will handle GPG/PGP signed mail. Check
the Evo docs/help for details.
For clearsigned mail (eg, like this one -- which is also signed in MIME
format):
- In a console-based client, pipe the body through gpgv or gpg
--verify.
- In other clients: save the mail body to a text file. Run:
$ gpg --verify file
If you get a message that the public key can't be found copy the key
ID (it's part of the output, 8-character hex value like "8DE4D38E"),
and retrieve it with:
$ gpg --keyserver keys.pgp.net --recv-keys <keyid>
...and try again. Note that this only tells you that the message hasn't
been changed, but you can look for other messages signed by the same
key.
You don't need to trim the message or extract just the signed parts, gpg
will work that out for you automatically.
Peace.
- --
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
George W. Bush: It takes a village idiot
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/xgqgefG8443k044RAnP9AJ9GVfLQHaABfzzgkMHhKeovam9FpQCcCCvS
YJsc6Slwi3CoLEQF+WUdTE0=
=Duhi
-----END PGP SIGNATURE-----
Attachment:
pgp2QpNp9r0dD.pgp
Description: PGP signature