[ale] GnuPG puzzle (Was: Re: Real puzzler)

Michael B. Trausch fd0man at gmail.com
Thu Apr 27 03:25:30 EDT 2006 

On Thu April 27 2006 02:47, Ben Coleman wrote:
> Michael B. Trausch wrote:
> > First things first, you may want to check your system clock:
> >> Message was signed on 12-31-1969 18:59 with unknown key 0xAAD2044F.
> >> The validity of the signature cannot be verified.
> >
> > That's not a good thing.  :-)
>
> Actually, this looks to be a difference of opinion between KMail and
> Enigmail (the PGP/GPG extension for Thunderbird).  Enigmail says about my
> original signature:
>

Interesting... nobody else's that I've seen signed was like that, and this 
message appears to have been signed with a correct timestamp.

> Good signature from Ben Coleman <oloryn at benshome.net>
> Key ID: 0xAAD2044F / Signed on: 4/25/2006 11:52 PM
>
> However, on your current signature, I get:
>
> gpg command line and output:
> C:\\GnuPG\\gpg.exe --charset utf8  --batch --no-tty --status-fd 2
> --verify gpg: Signature made 04/26/06 17:22:14 using DSA key ID 19C59A30
> gpg: WARNING: signature digest conflict in message
> gpg: Can't check signature: general error
>

Signature digest conflict?!  What in the world does that mean?  (Question 
for the other gpg users out there:  Does anybody else see this when they 
attempt to verify my key, and does anybody else know what in the world that 
means?)

> I'm kind of suspecting that the problem is KMail's, as I don't see this
> kind of problem with signatures on the list from other mail programs like
> mutt and Evolutionl.
>

It could be something wrong in my settings, though I don't quite know how.  
The error message text would seem to read as if it says "I'm signed with 
RIPEMD160 but really the hash is an SHA256 hash" or something crazy and off 
the wall like that... However, when I go to verify my messages, they all 
verify fine...

Aha.  I did some looking on Google.  Someone was having that with their 
inline signatures, however... I don't use those.  I do, however, see a 
potential problem... the hash that I use is RIPEMD160 and the header 
appears to lie about that:

Content-Type: multipart/signed;
  boundary="nextPart3077852.6hH6KgWs9a";
  protocol="application/pgp-signature";
  micalg=pgp-sha1

Or at least, I *think* that the hash that I'm using is RIPEMD160... that's 
what I have set in my config file....

fd0man at cinnamon:~/.gnupg$ cat gpg.conf
personal-digest-preferences h3 h2
keyserver ldap://keyserver.pgp.com:11370
digest-algo RIPEMD160
default-key 0x19C59A30
encrypt-to 0x19C59A30
comment ""
use-agent
fd0man at cinnamon:~/.gnupg$

Anybody know off-hand what might cause the discrepancy?  I don't see any 
options in Kontact (KMail) that show setting the hash, as I used to have in 
Enigmail.

> > As far of the rest of your problems, however, I haven't a clue.  I've
> > been using a 2.6 system for quite some time now, and I have had no
> > kernel problems with it, or problems with any software running on it,
> > save for the nVidia binary drivers (though, that's not the kernel's
> > fault).
>
> This is the first problem I've run into with 2.6 myself.
>

Weird.  Good luck on that problem.

	- Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available

More information about the Ale mailing list