|

Encryption and Cryptography

»

Mac GNU Privacy Guard

»

Apple Mail GPG Plugin and Verifying Signatures in Thunderbird

View: New views

4 Messages — Rating Filter: Alert me

	Apple Mail GPG Plugin and Verifying Signatures in Thunderbird by Scott Blystone-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message All, I am using the latest version of Apple Mail and the GPG plug-in. I exchange a lot of signed mail messages with Thunderbird users. I have had a long-standing problem that I hope someone can share some insight upon. Basically, if I sign any message and it is received by a Thunderbird/Enigmail user, the signature does not verify and they report a CRC error. If I take the exact same message and send it BOTH signed AND encrypted, the signature verifies perfectly. All of my keys have a signing sub-key. Is it possible that this is the source of the problem? Thanks! -- Scott Blystone Rochester, New York CAcert.org Assurer http://www.cacert.org Thawte Notary http://www.thawte.com GSWoT Introducer http://www.gswot.org Golf is a game that needlessly prolongs the lives of some of our most useless citizens. - Bob Hope ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Macgpg-users mailing list Macgpg-users@... https://lists.sourceforge.net/lists/listinfo/macgpg-users PGP.sig (390 bytes) Download Attachment
	Re: Apple Mail GPG Plugin and Verifying Signatures in Thunderbird by Charly Avital :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Scott Blystone wrote the following on 6/16/09 8:46 AM: > All, > > I am using the latest version of Apple Mail and the GPG plug-in. I > exchange a lot of signed mail messages with Thunderbird users. I have > had a long-standing problem that I hope someone can share some insight > upon. Basically, if I sign any message and it is received by a > Thunderbird/Enigmail user, the signature does not verify and they report > a CRC error. If I take the exact same message and send it BOTH signed > AND encrypted, the signature verifies perfectly. > > All of my keys have a signing sub-key. Is it possible that this is the > source of the problem? > > Thanks! > > -- > Scott Blystone > Rochester, New York Hi, 1. When processed with Thunderbird 2.0.0.21+Enigmail 0.95.7, your signature does not verify: OpenPGP Security Info Error - signature verification failed gpg command line and output: /usr/local/bin/gpg2 --charset utf8 --batch --no-tty --status-fd 2 --verify gpg: Signature made Tue Jun 16 08:47:07 2009 EDT using DSA key ID 8770D43F gpg: BAD signature from "Scott Blystone (Admin) <admin@...>" 2. When processed with Apple's Mail Version 3.6 (935/935.3) with GPGMail 1.2.0 (v56), your signature verifies, and your photo file is displayed: Signed by Scott Blystone (Admin) <admin@...>. Signed on Tuesday, June 16, 2009 8:47:07 AM US/Eastern Key fingerprint: 2BBE 5B68 A154 9CF0 FBD7 C10E 06C5 1F49 E827 E9D8 I have seen this before, and it usually (not consistently) happens with OpenPGP/MIME signed messages from GPGMail. It does not happen with in-line signed messages, nor with encrypted and signed messages (all from GPGMail). I am taking the liberty to cross-post to the GPGMail-users list, where, IMO, this issue belongs, and where (I hope) there will be a suitable response. I am not sure whether the problem lies with GPGMail or with Thunderbird+Enigmail. Charly MacOS 10.5.7-MacBook Intel C2Duo 2GHz-GnuPG 1.4.9-MacGPG2 2.0.11 TB 2.0.0.21+EM 0.95.7-Apple's Mail+GPGMail 1.2.0 (v56), Key: 0xA57A8EFA ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Macgpg-users mailing list Macgpg-users@... https://lists.sourceforge.net/lists/listinfo/macgpg-users
	Re: [gpgmail-users] Apple Mail GPG Plugin and Verifying Signatures in Thunderbird by Charly Avital :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Roberto Aguilar wrote the following on 6/16/09 12:28 PM: > [...] > I'm having the same issue with signed or signed & encrypted email. > > I have found the problem is that GPGMail does not use quoted-printable > to encode full ASCII email. You can trick it into using quoted- > printable by adding non-ASCII characters somewhere in your body, e.g. > é. If you do that, emails will verify properly. [...] > If you find an answer, please let me know. > > Thanks, > -Roberto. [...] I don't have that problem with signed and encrypted. Maybe adding by default a non-ASCII character would be a usable work around, e.g. adding it in a "signature". It's a klutz, I know, but it might work. Thanks for the information. Charly ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Macgpg-users mailing list Macgpg-users@... https://lists.sourceforge.net/lists/listinfo/macgpg-users
	Re: Apple Mail GPG Plugin and Verifying Signatures in Thunderbird by Ludwig Hügelschäfer :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Scott, Scott Blystone wrote on 16.06.2009 14:46 Uhr: > All, > > I am using the latest version of Apple Mail and the GPG plug-in. I > exchange a lot of signed mail messages with Thunderbird users. I have > had a long-standing problem that I hope someone can share some insight > upon. Basically, if I sign any message and it is received by a > Thunderbird/Enigmail user, the signature does not verify and they report > a CRC error. If I take the exact same message and send it BOTH signed > AND encrypted, the signature verifies perfectly. You are posting here using a html-mail. Did you try verifying the signature with text/plain mails also? Usually html breaks gpg signatures, because of occasional line wrapping occuring on mail servers. > All of my keys have a signing sub-key. Is it possible that this is the > source of the problem? No, gpg always looks whether the signature belongs to the corresponding key. HTH Ludwig -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCgAGBQJKN+r5AAoJEA52XAUJWdLjxF8IAJPyNag56uG0l6HOn61K5TaG CBadN2k9LuwgPgTfDaXyWldfDiDX8kKIqmejlBhyLIHFr8G0qsFOkSh6V2a1p1or OqLBDQFyiZv8/mt2iWHiYyBdzg05tKXq/WLf0RlWoZjuPBs3D8uKxsPkxt3VSl0A gVlXtQGxNEOGWMmvDMJLawS9PeHIIlQ+POJXGOd3+0bKcw95jBOv9+noHLJXx5BT oc1EK71OQCqL5G53uVuCZvpsmX+BOq79JHDv7Ga1Tw36b8I89H1Fa4u1zLFm9dU3 p683Pb+aB5hKkpwdFDO2C8VqnwPdTZvlOeFKglqepMJJR1WDkKuiDwCFOd1C6aM= =QD5R -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Macgpg-users mailing list Macgpg-users@... https://lists.sourceforge.net/lists/listinfo/macgpg-users