Using -x instead of -m when verifying gives "interesting" output:
$ signify-openbsd -Vz -p s3ql-5.0.pub -x signed.gz
untrusted comment: verify with s3ql-5.0.pub
RWSKPEtoJRYfrolP1xcoVCAxdIGvBp+I600+z5r4Ckcknx45J4pGrYvhlrWn6WTtwom7mTyjT7epM/oQyhfn/UbuKTR7pjN+0g0=
date=2023-08-01T16:10:04Z
key=s3ql-5.0.sec
algorithm=SHA512/256
blocksize=65536
05b894ec8534324eda46e2c71b2e9cd8c3e6f89432d222d06949076bc5236998
K����e2~⏎
This terminates with exit code 0... but somehow I'm not convinced that signify
did the right thing here.
Best,
-Nikolaus
