Re: [OT] Manually verifying PGP/MIME signature with GPG
On Mon, 09 Apr 2012 19:11:04 +0300, Mika Suomalainen wrote:
> On 09.04.2012 18:44, Camaleón wrote:
>>> As this list seems to be against GPG INLINE signatures,
>>
>> Uh? First notice I have :-?
>
> The other questions and PGP/INLINE hate are in some of those three (or
> more) of those different "[OT] Posting styles" threads.
Ah... okay.
>> I recognize it's annoying to delete the extra text when replying to
>> PGP/ GPG inline messages but I can live with that.
>>
>>> I have promised to move to S/MIME (with devices which support it) when
>>> someone on this list tells me how do I manually verify PGP/MIME
>>> signature in case email client cannot be used to do it.
>>
>> You don't have to move on S/MIME if you don't want.
>
> Oh, sorry. I am confusing with S/MIME and PGP/MIME myself too. They are
> two different things, or at least I think so. The one which I am asking
> about is PGP/MIME (those signature.asc files, which you might have
> seen).
Mmm... I see. Yes, they seem to be different implementantions:
http://pthree.org/2011/09/17/pgpmime-versus-smime/
>> Dude, use whatever you like most, if someone complaints that's up to
>> them (unless there's some hidden rule/policy for this I'm not aware of)
>> ;-)
>
> I am getting the picture that there is some kind of hidden policy, which
> should be put to list code of conduct or elsewhere.
A hidden policy (should there's any) is by definition "not applicable" so
don't worry about it and use what GPG/PGP inline/attached file you
estimate better for you.
>> Anyway, openssl's smime should be able to verify the signature. As per
>> the man page:
>>
>> ***
>> The smime command handles S/MIME mail. It can encrypt, decrypt, sign
>> and verify S/MIME messages.
>> ***
>>
>> There are some usage samples at the bottom of the page.
>>
>>
> I think that I will start using PGP/MIME now that someone has said that
> it's annoying to remove GPG signatures from messages and that they can
> live with it.
Well, that was my *personal* opinion, you don't have to do what every
person says, follow your own way :-)
> It's nicer way than telling to filter all emails from one
> sender / threading / telling what should be done in their opinions and
> then ignoring all problems in that way.
Well, discarding posts just because of inline PGP/GPG signatures is a bit
radical. As I said, it's annoying but nothing more.
> I hope that someone can still answer this question.
>
> PS. Sorry again for typoing PGP/MIME as S/MIME.
You said PGP/MIME, I got S/MIME O:-)
Look at "man gpg", there must be also an option here for verifiying the
signature.
Greetings,
--
Camaleón
Reply to: