On Fri, Dec 16, 2011 at 10:26:04AM -0500, David Tomaschik wrote: > When executing gpg --check-sigs, there are reports of "bad > signatures." What makes a signature "bad"? For example, on a key I > signed that has several UIDs, one of my signatures on one UID is > reported as bad, but the rest are fine. I looked in the docs, but > didn't find anything... hope I'm not missing something obvious.
It means that one of the following things is true: * The key alleged to have made the signature did not make the signature. * The data on which the signature was made is different than the original data. * Someone made an error in the OpenPGP implementation. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users