On 03/09/18 18:56, Fiedler Roman wrote: > With gpg1 a similar command should have verified, that the signature > is exactly from the single public key stored in "key.pub".
This has never been a supported use of gpg, it just happened to work because GnuPG 1.4 happened to use a bunch of exported OpenPGP certificates as the format of its public keyring. This was an implementation detail which enabled you to do this. Just because you can use the rear side of a screwdriver to hammer in a small nail doesn't mean you're meant to do carpentry that way ;-). In GnuPG, the homedir is pretty much not part of the interface, it is internal with some exceptions like .conf-files and being able to retrieve revocation certificates from it. The keyring format has changed and GnuPG also expects a lot of other different things in its homedir. So it no longer works. It could be that recently an option was added to check a signature by a certificate in a file, but in general you need to import a certificate before you can do verifications. I didn't see the new option in the few announcements I read. Either it was discussed and not done or discussed and implemented, can't recall. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users